I am AzraelSec

Full Stack Web Developer,Mobile Developer,Desktop Developer,AWS Developer,Cyber Security Enthusiast, Penetration Tester, Computer Science Student

Name: Federico Gerardi

Profile: Full Stack Developer

Email: federicogerardi94[at]gmail.com

Phone: (+39) 3450156143

Teams: ESN Italy IT Committee

University: University of Pisa, Universitat de Barcelona


NodeJS/JS 85%
Angular2+ 80%
Ionic 50%
Android/Java 70%
AWS 90%
Complete List
About me

I'm Federico Gerardi (aka AzraelSec). I'm currently a computer science student at the University of Pisa (Italy).

I'm a Full Stack Developer and Cyber Security Enthusiast. I'm specialized in Penetration Testing, Code Reviewing, Full Stack Web Developing and Mobile Developing I'm involved in as many CTFs and Vulnerability Assessments as possible.

I am very enthustiastic about developing security softwares and tools in order to help my colleagues in automating their work as much as possible.


What do I do?

Desktop Development

It is always a real necessity for a company to have particular programs (or tools) to complete their own daily goals but not always those particular programs exist. Why not to create them?

Web Development

I realized web projects using the most popular and efficient frameworks: jQuery, Angular2+, Laravel, and more. I have experience in PWA developing too using the Ionic Framework.

Mobile Developing

Android is the most diffused mobile OS and sometimes happens that We'd like to have an app that does not exist. Not a problem: a bit of Java and the Android SDK will solve everything.

Penetration Testing

"Security through obscurity" is something that does not work anymore, does it? Everyone needs a complete and proper penetration test to verify Its own grade of (in)security.

Vulnerability Assessment

Are you really sure that your website or your network is completely secure? Vulnerability assessment will be useful to find out all vulnerability flaws to which your system is exposed to.

Code Review

It's really hard for a programmer without any experience in security to write a secure program. A well done (white hat) code review could avoid to expose your platform to initial attacks.










These are some of my projects


What have I published?

Vulnerability Assessment

Phorum (v5.2.20) Full Disclosure

During the web application security assessment for Phorum, VoidSec Team assessed the following systems using basically a grey-box approach, checking security from the perspective of an external attacker, with credentials.

CTF Report

JuniorsCTF 2017 - Scam

During the JuniorsCTF 2017 remote competition, JBZ team solved the Scam web challange that involved a SQL injection vulnerability affecting a Telegram Bot.

HTB Walkthrough

HackTheBox - Postman

Postman is a Linux HackTheBox machine that exposes a Redis exploitable service and a vulnerable version of Webmin.