Grzegorz Niedziela

Bug Bounty Hunter Freelance Pentester Content Creator

Krakow, Lesser Poland Voivodeship
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
Grzegorz Niedziela is a seasoned penetration tester and bug bounty hunter with nine years of hands-on experience in application security, currently running the Bug Bounty Reports Explained channel to share disclosed findings and pragmatic attack techniques. He’s worked in corporate InfoSec roles at Philip Morris International and as a pentester at Comarch, building automation tools for vulnerability discovery, exploitation and data exfiltration. As a contributor to GitHub’s CodeQL project, he developed queries and tests to detect ZipSlip vulnerabilities in Ruby, demonstrating practical static-analysis expertise that complements his offensive skills. Based in Krakow, he blends freelance consulting with content creation, making complex security issues accessible to practitioners and newcomers alike. Collected academic training from AGH University underpins his methodical approach to assessments and tooling.
code8 years of coding experience
job1 year of employment as a software developer
bookAGH University
languagesEnglish, Polish, German
stackoverflow-logo

Stackoverflow

Stats
1reputation
0reached
0answers
0questions
github-logo-circle

Github Skills (8)

ruby10
it-security10
vulnerability-detection10
dataflow10
codeql10
security10
github-advanced-security9
testing8

Programming languages (7)

CCodeQLVueGoHTMLRubyPython

Github contributions (5)

github-logo-circle
github/codeql

Oct 2022 - Oct 2022

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Role in this project:
userSecurity Engineer
Contributions:1 commit, 2 PRs, 3 comments in 1 day
Contributions summary:Grzegorz's primary contributions focused on enhancing the security of the `codeql` repository. They added queries and tests related to ZipSlip vulnerabilities, specifically targeting Ruby code, by developing new QL code for detecting such vulnerabilities. The user also addressed block usages in the code for additional coverage.
github-advanced-securitysecurity-toolsgithub-security-labsecurity-researcherssecurity
Tools for detection and exploitation of chosen vulnerability classes in web applications - Engineer's Thesis - AGH UST
Contributions:50 commits, 41 pushes, 1 branch in 8 months
web-applicationsaghbugbountysecurityweb-application
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Grzegorz Niedziela - Bug Bounty Hunter Freelance Pentester Content Creator