Hi, my name is

Mathis Tamarelle.

I test the security of your applications.

I'm a passionate Cybersecurity Engineer with a strong web & software development background. I completed an internship in Japan at a cybersecurity lab focusing on network and software security and trained myself in offensive security through CTF challenges and online courses. I am also a cybersecurity consultant at Secureflow Initiative, a company created by equally passionate people.

Currently available for freelance

see my resume

what i do

Pentester

  • Experience in web application security testing with Burpsuite and some other tools
  • Analyzing and exploiting network vulnerabilities with Nmap, Metasploit, Wireshark, etc.
  • Lot of experience with Unix systems (Debian, Arch, Fedora)
  • Reverse engineering and binary exploitation with IDA and GDB
  • Active directory miss conf exploitation and privilege escalation

DevSecOps

  • Experience in developing and maintaining CI/CD pipelines
  • Automation of security testing and code quality checks
  • Automating deployment and infrastructure management

full stack development

  • Building full-stack web applications using Next.js with TypeScript, TailwindCSS, ShadCN, and Prisma
  • Developing responsive single-page applications using React.js
  • Creating RESTful APIs using Express for backend development
  • Developing some OSINT & Network security tools with Python
  • Creating System software & low level security tools with C++

where i've worked

Bug Bounty Hunter - Freelance @YesWeHack

september 2025 - present

  • Identified and reported security vulnerabilities in web applications, APIs]
  • Collaborated with development teams to ensure timely remediation of reported issues.
  • Participated in various bug bounty programs to enhance my skills and contribute to the security community.
  • Redacted detailed vulnerability reports with proof of concept and remediation recommendations.

Education

Technology Institut of Bordeaux

Technology Institut of Bordeaux

2022 - 2025

Bachelor's Degree | International University Diploma

Subject :
Computer ScienceSoftware DevelopmentProject ManagementWeb Development

I completed a Bachelor's degree in Computer Science at Bordeaux IUT (Gradignan campus), Track A. As part of the International University Diploma, I followed 60% of my technical courses in English, including programming, databases, networks, and software engineering, and received specific preparation to work in international environments. In my final year, I chose the Cybersecurity option, where I learned the basics of reverse engineering, symmetric and asymmetric cryptography, and web security.

University of Tsukuba

University of Tsukuba

April 2024 - June 2024

University Exchange Program

Subject :
Computer ScienceOperating SystemsNetworks Engineering

Obtained as part of a university exchange in Japan during an academic research internship, this certificate (TIPICS – Tsukuba International Program in Computer Science) is equivalent to a French DEUG (Diplôme d’Études Universitaires Générales) in Computer Science. The program included coursework in algorithms, programming, operating systems, and network engineering, aligned with the standards of Japanese higher education. It also provided exposure to research methodologies, intercultural collaboration, and technical communication in English. The certificate enables further academic study in Japan and reflects a strong foundation in core areas of computer science within an international academic context.

ENSIBS

ENSIBS

2025 - 2028

Engineering Degree

Subject :
CybersecurityCyber Incident ResponseRisk ManagementEngineeringCyber Threat IntelligenceCyber Defense

I am currently enrolled in the Cyberdefense Engineering program at ENSIBS, one of the top cybersecurity engineering schools in France. The curriculum combines academic depth with hands-on training, covering areas such as network and system security, reverse engineering, cryptography, malware analysis, digital forensics, and risk management. The program is supported by the school’s Cyber Security Center, where students train in realistic cyber attack and defense scenarios. Alongside my studies, I am an active member of GCC , ENSIBS’s CTF)team, which achieved 1st place worldwide on Hack The Box in 2023 and 2024, and is currently ranked in the global top 10. Through CTF competitions, I’ve deepened my skills in binary exploitation, cryptography, and web security, while working collaboratively in high-pressure environments.

Missions & Projects I've Worked On

featured projects

Pump'It

A mobile application allowing users to benefit from discounts in several places in Bordeaux

I improved the application/website security by conducting thorough penetration testing and assisting developers in fixing vulnerabilities in the test version of the app. Secureflow developed it.

Web SecurityReact NativeViteTypeScriptExpressPrismaDocker Security

Intel SGX vulnerability research

A research project on Intel SGX vulnerabilities during my Internship in Japan.

I developed some tools in C++ to test the security of Intel SGX's environment
reverse-engineered the SGX SDK functions to understand how they work
and conducted extensive research to identify potential vulnerabilities within the SGX environment by some memory exploitations.

C++Reverse EngineeringWireSharkCryptographyAssembly X86

Auto DevSecOps CI/CD

A solution to automate the security testing and deployment of the company’s projects with many checks.

I developed a CI/CD pipeline with Jenkins
GitLab
Github
and Docker to automate the security testing and deployment of the company’s projects. I also integrated some security checks like dependency check and some other security tools to ensure the security of the projects. This tool was created for Secureflow.

GitlabGithubDockerOWASPCypressJest

CTF Scores

Hack The Box University CTF 2025

Hack The Box University CTF 2025

Ranking3rd
Participants1,000
ModeTeam
TeamGCC
CountryGlobal
LocationOnline

The Hack The Box University CTF 2025 is an international student cybersecurity competition running from December 19 to 21. Students follow a narrative trail of puzzles and technical challenges to investigate this anomaly, tackling 15 challenges across 5 categories, including cryptography, forensics, pwn, reverse engineering and web security. This blend of immersive storytelling and demanding technical tasks places the event among the most prestigious CTF competitions in the academic cyber community.

ECW CTF 2025 - Finals

ECW CTF 2025 - Finals

Ranking2nd
Participants24
ModeTeam
TeamGCC
Country🇫🇷
LocationRennes

The ECW CTF 2025 Finals is the culminating event of the European Cyber Week CTF competition, held in Rennes, France. This prestigious event brings together the top 24 teams from around the world who have qualified through rigorous preliminary rounds. Participants face a series of complex cybersecurity challenges that test their skills in areas such as web security, cryptography, reverse engineering, and forensics. The finals not only showcase technical prowess but also foster collaboration and innovation within the global cybersecurity community.

ECW CTF 2025 - Qualifiers

ECW CTF 2025 - Qualifiers

Ranking33rd
Participants1,111
ModeSolo
Team
CountryGlobal
LocationOnline

The ECW CTF 2025 Qualifiers is a global cybersecurity competition that tests participants skills across various domains, including web security, cryptography, reverse engineering, and forensics. With over 1,100 participants worldwide, the event challenges individuals to solve complex problems and demonstrate their expertise in a competitive environment. The qualifiers serve as a gateway to the main event, attracting top talent from the cybersecurity community.

Page 1 / 2

my projects

what's next

get in touch

I’m currently looking for new missions.

Whether you have a project to discuss or just want to say hi, my inbox is open for all!

Say Hello