Backend dev | Red Team Analyst | AI Integrator | Cyber Lover | Maker
Experienced in building AI-powered tools, civic transparency platforms, threat intelligence agents, and autonomous scrapers. Operating at the intersection of philosophy, cybersecurity, and open knowledge.
Project | Description | Badges |
---|---|---|
cavehunter | Python tool to identify and extract code caves from Windows PE files for stealthy payload injection and red team operations | RedTeam PE CodeCaves Shellcode PostExploitation Evasion |
dns_c2_architecture_ed25519 | Stealth-oriented DNS-based C2 framework I designed, featuring time-variant DGA labels, Ed25519-signed TXT payloads, sandbox-aware segmentation, and a registrar/client toolset for Red Team and APT-style simulations | RedTeam APT DNSC2 Ed25519 StealthOps CustomC2 |
kali_gpt_clone | Fully functional clone of Kali GPT assistant, reverse engineered from the original by XIS10CIAL; includes system prompt, function tools, and original knowledge base (incl. Daniel W. Dieterle's work) | RedTeam OffensiveSecurity AI Assistant KaliLinux GPT4 FunctionCalling |
uuid-shell-loader | Loader for in-memory shellcode via UUID obfuscation | RedTeam AV Bypass MemoryLoader |
mitre-ai-agent | LangChain agent to interact with STIX 2.1 threat intelligence | LangGraph MongoDB RAG |
openPA-crawler | Scraping engine for Italian public tenders (CUP, CIG, Albo Pretorio) | OSINT PDF OCR Streamlit Dashboard |
brindisileaks | Anonymous reporting platform using Tor + OCR | Whistleblowing SecureDrop Activism |
nao-edu-kit | NAO robot kit for philosophical-ethical education | Robotics Empathy AI + STEM |
secinfoita.github.io | Blog on malware analysis, red teaming and advanced techniques | Security Research Offsec |
malwareobs | Repository for observations, reports, IOCs and sandboxes | Analysis Persistence Reverse Engineering |
chia-rpc-java | Java-based RPC wrapper for Chia blockchain | Blockchain RPC API Java CLI Integration |
Proxmox + FLARE VM | A custom Proxmox VM with pre-installed Mandiant FLARE VM for malware analysis | ReverseEngineering MalwareLab Proxmox FLARE VM Volatility Sysinternals x64dbg StaticAnalysis DynamicAnalysis WindowsInternals |
GitHub Repo Crawler | Python script to search, download, and follow GitHub repos by keyword automatically | GitHub API Automation Repo Mining Python Streaming TQDM Data Collection Follow Automation |
CVE Markdown Parser Agent | LangGraph AI agent that recursively scans .md files, extracts CVE data, and stores it in MongoDB | LangChain MongoDB AI Agent STIX 2.1 TQDM Pydantic LLM Automation Cyber Threat Intelligence |
RSS Threat Intelligence Extractor | LangGraph agent with Selenium, MongoDB & LLM to extract structured threat info from RSS feeds and articles | LangChain LLM Selenium MongoDB Cyber Threat Intelligence AI Agent RSS Processing |
Asynchronous RSS Crime Feed Parser | Fully async OPML & RSS crawler with MongoDB, LLM agent and structured crime data output | LangChain Asyncio OPML Parsing RSS MongoDB Pydantic Crime NLP AI Agent Selenium |
Albo Pretorio Scraper & Downloader | Automates the download, deduplication and hash-check of legal documents from Italian municipalities | Scraping OpenData Legal OSINT PDF Hashing SHA256 Excel Export MongoDB Document Intelligence |
Sub-Threshold Tender Clustering Agent | MongoDB analyzer for identifying suspect contract value clustering in Italian public procurement | MongoDB Aggregation Python ANAC Public Spending Contract Clustering Watchdog Tender Integrity |
Low-Bid Tender Consistency Checker | Cross-check of unusually low offer counts by year and tender metadata in MongoDB | MongoDB Aggregation Tender Anomaly Detection Watchdog Low Competition Procurement Audit |
ANAC Addensamento Analyzer | Indicator generator for public tenders clustering near threshold values | MongoDB Procurement Integrity ANAC Threshold Bypass Detection Watchdog |
CUP Extractor & API Enricher | Regex-based CUP extractor from MongoDB docs with OpenCUP API integration | MongoDB Regex OpenCUP API Public Spending Tender Linkage Document Intelligence Python |
CUP Extractor (Basic) | Extracts CUP codes using regex from MongoDB and stores them | MongoDB Regex Public Spending Document Intelligence Python |
ANAC Dataset Downloader | Script to interact with CKAN API, download and extract public datasets from ANAC | Python CKAN SSL Dataset Automation OpenData Document Intelligence |
- Introduction to sandbox bypass techniques - on request
- Memory execution and function hooking - on request
- Antivirus evasion using UUID obfuscation - on request
- Windows persistence and registry abuse - on request
- YARA rule crafting for memory detection - on request
- IOC automation and integration with STIX 2.1 - on request
- Local Network Scanner in Python - on request
- Printer Enumeration via SNMP - on request
- Command & Control Bot with Async Socket - on request
- Custom Downloader with Stealth Features - on request
- File & User Cleaner Module - on request
- Advanced Scanner Admin Panel - on request
- OWA Brute-force Engine - on request
- Credential & AD Dump Module - on request
- Crypter Builder Design - on request
- Modular Spreader Architecture - on request
- Cookie Grabber Module - on request
- File Search by Keywords - on request
- Lightweight Bot Framework - on request
- VPN Client & Admin Panel - on request
- Manual Activation Loader & Bot Link - on request
- Masscan Porting - on request
- Simple Cryptolocker - on request
- Polymorphic Asm Processor - on request
- Superbrowser Operator Guide - on request
- RDP Scanner with Python - on request
- SQL Injection Scanner - on request
- Operator Guide to Backdoor - on request
- Async Backconnect Server - on request
- VPN Bridge and Routing Architecture - on request
- Payload Injection in .text
- Process Enumeration Techniques
- Network Scanning and Service Exposure
- Silent Siphon: Stealth Data Exfiltration
- SimLab Ransomware Simulation
- Full Extraction Techniques
- PoC: Bypass Windows Security Center
- Shellcode UUID4 Obfuscation Loader
- macOS Sandbox Detection and Bypass
- Lumma Stealer Campaign (Analysis Folder)
Languages: Python, Java, C++, Bash, VB.NET, JavaScript

Frameworks & Tools: Django, FastAPI, LangChain, Streamlit, MongoDB, Selenium, pfSense, Proxmox, Docker, OCR, Watchdog, WireGuard, Tor, AutoCAD

Cyber & Threat Intelligence: STIX 2.1, MITRE ATT&CK, YARA, Red Team Ops, PowerShell Evasion, Windows Persistence, Privilege Escalation, UUID Shellcode, Malware Lab

Soft Robotics: NAOqi, Choregraphe, Python SDK for NAO & Pepper
- GitHub: github.com/marioproto92
- LinkedIn: linkedin.com/in/marioprotopapa
- Mail: on request
- Telegram/PGP/Tor: on request
- Sektor7 - Red Team Operator (Malware Dev, Evasion, Priv Esc, Persistence)
- Cisco - CCNA Discovery, IT Essentials
- MYIND - SIS Functional Safety (IEC61508/61511)
- Scuola Edile CPT Brindisi - SIT & GIS Topography
- Il Giunco APS - Life Ethics & Digital Citizenship
- FabLab Brindisi - Maker Lab (3D Printing, CNC, Arduino, Rapid Prototyping)
- Quosit Srl: Tech Drawing, PLC, Network Security (2014–2023)
- LyondellBasell (via Quosit): IT C-Field Services (2021–2023)
- Self-employed: Web & Desktop Developer, IT Consultant (2023–now)
- CETMA: GIS Systems, Mobile Apps, SIT Tools (2013–2014)
"Rules are important. Knowing when to break them, even more so."
I design tools that uncover what is hidden. Coding is not just logic; it's resistance. I believe in a transparent world where citizens interact, question, and reclaim control over public data, digital rights, and institutional opacity.
"With one foot in the terminal and one in the agora, I build the bridge between technology and citizenship."
Made with ♥ by Mario Protopapa