I am a Computer Engineering graduate currently pursuing an M.Sc. in Cybersecurity at the University of Padova, Italy. I am passionate about building secure, automated, and resilient systems through rigorous empirical engineering.

I am driven by a passion for designing robust, secure, and automated software architectures. Throughout my studies in computer engineering and my current specialization in cybersecurity, I have developed a deep appreciation for system-level safety.

I believe that as software environments become increasingly autonomous, complex, and interconnected, the role of a security engineer is to proactively audit software internals, automate defensive systems, and design inherently resilient architectures.

I thrive on taking ambiguous, low-level technical challenges—whether it is reverse engineering binary logic, benchmarking network performance, or interacting directly with blockchain protocols—and solving them through hands-on development and systematic testing.

• ⚙️ Software Automation & Scripting: Designing highly performant automated engines, custom scrapers, desktop/emulator automation, and modular CLI/GUI tools in Python and C++.
• 🔓 Reverse Engineering & Vulnerability Research: Analyzing software internals, smart contract auditing, reverse engineering binaries, and proactive threat modeling.
• 🛡️ Cybersecurity & Network Architecture: Implementing Zero Trust Network Access (ZTNA) frameworks, microservice isolation, access control, and secure protocol configurations.
• 🤖 AI Safety & Robustness: Empirical model auditing, red-teaming, jailbreak mitigation, and evaluating the security boundaries of autonomous systems.
• ⛓️ Cryptography & Decentralized Systems: Exploring decentralized architectures, cryptographic key management, and secure blockchain integrations.

Here are a few empirical and systems-level projects I've built:

• ztna-prototype (B.Sc. Thesis)

  • An advanced Zero Trust Network Access prototype comparing Classic (mTLS/Nginx gateway) and Proxyless (token cache) architectures.
  • Integrated Meta's Osquery for dynamic host posture assessment and automatic token revocation.
  • Conducted a rigorous empirical performance analysis (latency, CPU overhead) using Pandas, NumPy, and Seaborn, structured in the style of an academic research paper.

• TelegramTradinBot

  • An autonomous, low-latency trading bot written entirely in Python that monitors real-time Telegram channels for token launch signals.
  • Integrated direct blockchain interaction with the Solana network using Solana-Py and Rust-based Solders to automate SPL-token swaps.
  • Implemented Jito MEV-protection protocols to secure automated transactions from front-running attacks on the mainnet.
  • Designed a secure cryptographic storage vault utilizing AES-256-GCM to encrypt and handle user private keys safely.

• BOT-MACRO

  • A high-performance visual automation engine for Android emulators written in Python.
  • Utilizes OpenCV (multi-template matching) and MSS for real-time, asynchronous screen scanning and automatic popup detection.
  • Features defensive anti-ban algorithms (randomized mouse curves and coordinate offsets).

• Lead Hunter V3

  • An autonomous AI B2B lead generation agent built in Python and Streamlit.
  • Implements a custom geographic grid-scraping algorithm with Google Places and integrates LLMs via OpenRouter to conduct automated, real-time business and infrastructure audits.

• Languages: Python, JavaScript (ES6), C++, C#, Java, SQL, HTML/CSS
• Systems & Automation: Linux Systems, Git & Version Control, Docker, PyQt6, OpenCV, Windows API (pywin32), PyAutoGUI, Asynchronous Programming
• Security & Networking: Cryptographic Protocols (AES-256-GCM), Reverse Engineering, Smart Contract Auditing (Solidity), Osquery, mTLS, Redis, Network Benchmarking, ZTNA Architectures
• Blockchain Integration: Solana Web3 (Solana-Py, Solders), Telethon (Telegram MTProto), Cryptographic Key Management, MEV Protection (Jito)
• Machine Learning / Auditing: PyTorch, Hugging Face (Transformers), NumPy, Pandas, Weights & Biases (WandB), Empirical Model Auditing

• LinkedIn: linkedin.com/in/marcello-mendo
• Email: marcello.mendo@gmail.com
• Academic Base: University of Padova, Italy

“Security is not a static state, but a continuous process of automated auditing, resilient design, and empirical testing.”