01

┌──(lnpx@kali)-[~/portfolio]

└─$ whoami

Paulin

Security Analyst & aspiring offensive security specialist.
Finding vulnerabilities before the wrong people do.

Get in touch Notable work

02

About

I'm Paulin — I go by LnPx. I break things to understand how they work, then help build them stronger. Currently a Security Analyst at YesWeHack, where I analyze, triage, and validate vulnerabilities across web, API, and network attack surfaces.

My goal is to transition fully into offensive security and red team operations. I'm pursuing the HackTheBox CPTS (Certified Penetration Testing Specialist) certification — deepening my practical skills in adversary simulation, privilege escalation, and lateral movement.

I believe in pragmatic security: understand the attacker's mindset, find the weak points, and communicate risk clearly.

HandleLnPx
RoleSecurity Analyst
OrgYesWeHack
LocationCanada
LanguagesEnglish, French
FocusOffensive Security

03

Skills & Tools

Domains

Web Application Security OWASP Top 10 API Security Testing Network Penetration Testing Vulnerability Research Exploit Development Red Team Operations Social Engineering

Tools & Platforms

Burp Suite Professional Metasploit Nmap Wireshark C2 Frameworks Python Custom Tooling

04

Notable Work

Vulnerability Disclosure

CVE-2026-47094

Discovered an IDOR (Insecure Direct Object Reference) vulnerability leading to full Account Takeover. Classified under CWE-639, the flaw impacts approximately ~1 million users and was responsibly disclosed through the VulnCheck platform.

CWE-639 IDOR → ATO ~1M users impacted Discovered via VulnCheck
⚑ Under embargo until September 16, 2026. Full technical details will be published after the embargo lifts.

05

Experience

Security Analyst  · YesWeHack
July 2025 — Present

Triaging and validating vulnerability reports from a global community of security researchers. Analyzing web applications, APIs, and network infrastructure for security flaws. Collaborating with organizations to remediate critical vulnerabilities.

Independent Researcher  · Bug Bounty
Ongoing

Hunting for vulnerabilities across public bug bounty programs. Specializing in web application security testing, IDOR discovery, and access control bypass techniques.

06

Education & Certifications

HackTheBox CPTS

Certified Penetration Testing Specialist — In Progress

Advanced penetration testing certification covering external/internal network testing, Active Directory exploitation, web application attacks, privilege escalation, and reporting.

Self-Directed Learning

Continuous

Studying exploit development, adversary emulation, and red team infrastructure. Active on HackTheBox, TryHackMe, and various CTF platforms.

07

Contact

I'm open to collaboration, research opportunities, and connecting with fellow security professionals.

@ lnpx111@gmail.com

$ PGP key available upon request.