Federico Dotta

Principal Security Analyst at HN Security

Turin, Piedmont, Italy
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Federico Dotta is a Principal Security Analyst based in Turin with 15 years in IT security and 11 years focused on application security, leading teams and customer-facing projects. He specializes in proactive services—penetration testing, red teaming and bespoke R&D—across complex web and mobile applications, networks and IoT. Federico blends hands-on exploitation skills with tooling development, contributing core features to notable Burp Suite extensions like Autorize and Brida that bridge Frida and Burp for mobile/vulnerable app analysis. He has a strong academic foundation (Master’s and Bachelor’s with honors from the University of Turin) and a track record of improving detection and automation for Java deserialization and authorization issues. A regular speaker at national and international conferences, he pairs pragmatic security delivery with continuous research and training. Colleagues describe him as a technically curious leader who turns offensive research into practical defenses and reusable tools.
code11 years of coding experience
job1 year of employment as a software developer
bookMaster’s degree in Computer Science, Networks and Systems, 110/110 with honors, Master’s degree in Computer Science, Networks and Systems, 110/110 with honors at University of Turin
languagesItalian, English
github-logo-circle

Github Skills (20)

jython10
authorizations10
burp10
frida10
it-security10
rel10
java10
security10
javas10
exploit10
exp10
authorization10
re210
javascript9
base649

Programming languages (13)

PowerShellJavaCVueGoKotlinTypeScriptShell

Github contributions (5)

github-logo-circle
federicodotta/Brida

Jul 2017 - Jun 2022

The new bridge between Burp Suite and Frida!
Role in this project:
userFull-stack Developer
Contributions:12 releases, 108 commits, 1 PR in 4 years 11 months
Contributions summary:Federico contributed significantly to the Brida project, focusing on bridging Burp Suite and Frida. Their work included initial release, code changes in the Java interface, and updates to the GUI with added features like console output and JS editor implementation. The user also incorporated Android and iOS specific hooks and functions. They demonstrated skills in UI development and extending functionalities.
bridgeburpsuitefrida
All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
Role in this project:
userBack-end Developer
Contributions:8 releases, 57 commits, 4 PRs in 6 years
Contributions summary:Federico primarily contributed to the development of a Burp Suite plugin for detecting and exploiting Java deserialization vulnerabilities. Their work focused on enhancing the plugin's functionality by adding various payloads and attack vectors for different Java versions and libraries, including support for Commons Collections and Spring. The user also added a manual testing mode and improved the GUI. Furthermore, the user implemented DNS, URLDNS, and CPU-based testing capabilities to detect vulnerabilities.
deserializationall-in-onesecurityjava-deserializationvulnerabilities
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Federico Dotta - Principal Security Analyst at HN Security