Skip to content
View thelicato's full-sized avatar
87 followers · 175 following

Achievements

Achievement: Pull Sharkx2Achievement: Starstruckx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pull Sharkx2Achievement: Starstruckx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Block or report thelicato

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
thelicato/README.md

πŸ€– Hi, I'm Angelo Delicato

About Me

  • πŸŽ“ M.Sc. Degre in "Computer Engineering" at University of Naples "Federico II"
  • πŸ‘¨β€πŸ’» Penetration Tester at SECFORCE
  • πŸ–– Incurable Nerd
  • 🎞️ Movie/TV Show addicted

Want to know more? Check my website.

CVEs

  • CVE-2025-58374: Auto-approve allows npm install execution of malicious postinstall scripts. (RooCode)
  • CVE-2025-58373: Symlink-bypass of .rooignore leading to unintended file disclosure. (RooCode)
  • CVE-2025-58372: Potential Remote Code Execution via .code-workspace. (RooCode)
  • CVE-2024-28722: Reflected XSS. (Innovaphone myPBX)
  • CVE-2024-3761: Missing Authorization on Delete Datasets. (lunary-ai/lunary)
  • CVE-2023-7194: Reflected XSS. (Meris WordPress Theme)
  • CVE-2022-2535: Unauthenticated Arbitrary Post Title Disclosure. (SearchWP Live Ajax Search plugin)

Projects

  • DroidGround: A flexbile playground for Android CTF challenges.
  • RoboDroid: Manage and deploy Android machines with pre-defined behaviors for Cyber Range environments
  • RAUDI: Regularly and Automatically Updated Docker Images
  • Dockerized Android: A container-based framework to execute Android in Docker
  • HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion
  • asciified: A simple ASCII Art API with a good-looking Web App.

Pinned Loading

  1. SECFORCE/droidground SECFORCE/droidground Public

    A flexible playground for Android CTF challenges.

    TypeScript 97 5

  2. cybersecsi/houdini cybersecsi/houdini Public

    Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

    TypeScript 1.2k 49

  3. cybersecsi/RAUDI cybersecsi/RAUDI Public

    A repo to automatically generate and keep updated a series of Docker images through GitHub Actions.

    Python 560 34

  4. cybersecsi/dockerized-android cybersecsi/dockerized-android Public

    A container-based framework to enable the integration of mobile components in security training platforms

    TypeScript 183 26

  5. cybersecsi/invisible-backdoor-detector cybersecsi/invisible-backdoor-detector Public

    A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

    Python 34 6

  6. cybersecsi/blueborne-dockerized cybersecsi/blueborne-dockerized Public

    Repo code for the related post on SecSI Blog: https://secsi.io/blog/blueborne-kill-chain-on-dockerized-android

    Python 7 1