I am AzraelSec

Full Stack Web Developer,Mobile Developer,Desktop Developer,AWS Developer,Cyber Security Enthusiast, Penetration Tester, Computer Science Student

Name: Federico Gerardi

Profile: Full Stack Developer

Email: federicogerardi94[at]gmail.com

Phone: (+39) 3450156143

Teams: ESN Italy IT Committee

University: University of Pisa, Universitat de Barcelona

Skill

NodeJS/JS 85%
Angular2+ 80%
Ionic 50%
Android/Java 70%
AWS 90%
Complete List
About me

I'm Federico Gerardi (aka AzraelSec). I'm currently a computer science student at the University of Pisa (Italy).

I'm a Full Stack Developer and Cyber Security Enthusiast. I'm specialized in Penetration Testing, Code Reviewing, Full Stack Web Developing and Mobile Developing I'm involved in as many CTFs and Vulnerability Assessments as possible.

I am very enthustiastic about developing security softwares and tools in order to help my colleagues in automating their work as much as possible.

Abilities

What do I do?

Desktop Development

It is always a real necessity for a company to have particular programs (or tools) to complete their own daily goals but not always those particular programs exist. Why not to create them?

Web Development

I realized web projects using the most popular and efficient frameworks: jQuery, Angular2+, Laravel, and more. I have experience in PWA developing too using the Ionic Framework.

Mobile Developing

Android is the most diffused mobile OS and sometimes happens that We'd like to have an app that does not exist. Not a problem: a bit of Java and the Android SDK will solve everything.

Penetration Testing

"Security through obscurity" is something that does not work anymore, does it? Everyone needs a complete and proper penetration test to verify Its own grade of (in)security.

Vulnerability Assessment

Are you really sure that your website or your network is completely secure? Vulnerability assessment will be useful to find out all vulnerability flaws to which your system is exposed to.

Code Review

It's really hard for a programmer without any experience in security to write a secure program. A well done (white hat) code review could avoid to expose your platform to initial attacks.

1

RESPONSIBLE DISCLOSURES

8

YEARS OF EXPERIENCE

4

CERTIFICATIONS

3

PUBLICATIONS

Portfolio

These are some of my projects

TURING

TURING

Java

TURING (aka disTribUted collaboRative edItiNG) is a tool for the distributed collaborative documents editing which offers a small set of services.

TURING

RoboWar

TypeScript

RobowWar is a simple and minimalistic browser game in which a funny robot will fight against multiple enemies to get to the final goal

CMShell

C.T.F. Time - Alexa Skill

JS/NodeJS/AWS

C.T.F. Time is an Amazon Alexa Skill which will allow you to stay up to date on upcoming cature the flag events and teams rankings.

CMShell

CMShell

JS/jQuery

CMShell is a simple, highly customizable and easily extensible static content managment system that allows you to share contents in a very original way.

DarkCloud

DarkCloud - Blog

Jekyll

Simple blog in which I usually publish CTF walkthroughs and security-related articles

CMShell

Wator - Multithreaded Wa-Tor

C

Wator is a multithreaded implementation of Wa-tor project, developed for University Operative System's exam

PUBLICATIONS

What have I published?

Vulnerability Assessment

Phorum (v5.2.20) Full Disclosure

During the web application security assessment for Phorum, VoidSec Team assessed the following systems using basically a grey-box approach, checking security from the perspective of an external attacker, with credentials.

-VoidSec Team
CTF Report

JuniorsCTF 2017 - Scam

During the JuniorsCTF 2017 remote competition, JBZ team solved the Scam web challange that involved a SQL injection vulnerability affecting a Telegram Bot.

-JBZ Team
HTB Walkthrough

HackTheBox - Postman

Postman is a Linux HackTheBox machine that exposes a Redis exploitable service and a vulnerable version of Webmin.

-AzraelSec