I am a Computer Engineering graduate currently pursuing an M.Sc. in Cybersecurity at the University of Padova, Italy. I am passionate about building secure, automated, and resilient systems through rigorous empirical engineering.
I am driven by a passion for designing robust, secure, and automated software architectures. Throughout my studies in computer engineering and my current specialization in cybersecurity, I have developed a deep appreciation for system-level safety.
I believe that as software environments become increasingly autonomous, complex, and interconnected, the role of a security engineer is to proactively audit software internals, automate defensive systems, and design inherently resilient architectures.
I thrive on taking ambiguous, low-level technical challenges—whether it is reverse engineering binary logic, benchmarking network performance, or interacting directly with blockchain protocols—and solving them through hands-on development and systematic testing.
- ⚙️ Software Automation & Scripting: Designing highly performant automated engines, custom scrapers, desktop/emulator automation, and modular CLI/GUI tools in Python and C++.
- 🔓 Reverse Engineering & Vulnerability Research: Analyzing software internals, smart contract auditing, reverse engineering binaries, and proactive threat modeling.
- 🛡️ Cybersecurity & Network Architecture: Implementing Zero Trust Network Access (ZTNA) frameworks, microservice isolation, access control, and secure protocol configurations.
- 🤖 AI Safety & Robustness: Empirical model auditing, red-teaming, jailbreak mitigation, and evaluating the security boundaries of autonomous systems.
- ⛓️ Cryptography & Decentralized Systems: Exploring decentralized architectures, cryptographic key management, and secure blockchain integrations.
Here are a few empirical and systems-level projects I've built:
-
ztna-prototype (B.Sc. Thesis)
- An advanced Zero Trust Network Access prototype comparing Classic (mTLS/Nginx gateway) and Proxyless (token cache) architectures.
- Integrated Meta's Osquery for dynamic host posture assessment and automatic token revocation.
- Conducted a rigorous empirical performance analysis (latency, CPU overhead) using Pandas, NumPy, and Seaborn, structured in the style of an academic research paper.
-
- A high-performance visual automation engine for Android emulators written in Python.
- Utilizes OpenCV (multi-template matching) and MSS for real-time, asynchronous screen scanning and automatic popup detection.
- Features defensive anti-ban algorithms (randomized mouse curves and coordinate offsets).
-
- An autonomous AI B2B lead generation agent built in Python and Streamlit.
- Implements a custom geographic grid-scraping algorithm with Google Places and integrates LLMs via OpenRouter to conduct automated, real-time business and infrastructure audits.
- Languages: Python, JavaScript, C++, C#, Java, SQL, HTML/CSS
- Systems & Automation: Linux Systems, Git & Version Control, Docker, PyQt6, OpenCV, Windows API (pywin32), PyAutoGUI, Asynchronous Programming
- Security & Networking: Cryptographic Protocols (AES-256-GCM), Zod Validation, Reverse Engineering, Smart Contract Auditing (Solidity), Osquery, mTLS, Redis, Network Benchmarking, ZTNA Architectures
- Blockchain & Web Integration: Solana Web3.js (SPL Token, Metaplex), Express.js, Socket.IO, PostgreSQL, Jito (MEV Protection), Telegram Bot API/Client, EJS
- Machine Learning / Auditing: PyTorch, Hugging Face (Transformers), NumPy, Pandas, Weights & Biases (WandB), Empirical Model Auditing
- LinkedIn: linkedin.com/in/marcello-mendo
- Email: marcello.mendo@gmail.com
- Academic Base: University of Padova, Italy
“Security is not a static state, but a continuous process of automated auditing, resilient design, and empirical testing.”