Skip to content

Saphir CyberSecurity

Rapid penetration testing & private/public bug bounty.

pawel.szafirowski

About

Szafirowski Pawel

Email: pawel saphir.berlin

Services

Penetration testing – flexible approach:
- Web application / thick client / API / infrastructure (black‑box or grey‑box)
- Rapid penetration test (identify as many issues as possible quickly, prioritising high‑risk findings)
Bug bounty – participation in:
- Public programs (e.g., via invitation on HackerOne, YesWeHack, Synack, Intigriti, Inspectiv)
- Private, company‑internal programs (limited researcher pools)

External resources

Synack – Hero & Acropolis recognitions (Szafirowski Pawel)

Hero: yearly award for impact and production.

“15 for 15” highlights top researchers monthly.

Paul Szafirowski – LinkedIn

ProximusPL – GitHub

proximus_pl – HackerOne

Proximus – YesWeHack

Proximus – Intigriti

Proximus – inspectiv

Apple web server security acknowledgements – HT201536
The security content of macOS Sonoma 14 (Reminders) – HT213940

Microsoft SharePoint Elevation of Privilege – CVE‑2025‑53760 (Szafirowski Pawel)

High 7.1 Full SSRF in Microsoft Office SharePoint allows an authorised attacker to elevate privileges over a network.