Profile Pic

Hi!
I'm Angelo Delicato

Penetration Tester

Hi! I'm a Penetration Tester currently working at SECFORCE.
📜 Master's Degree in Computer Engineering (University of Naples, Federico II)
🖖 Incurable nerd
🎞️ Movie/TV Show addicted

GithubLinkedIn

Projects

DroidGround

DroidGround

RoboDroid is a custom-built platform for hosting Android mobile hacking challenges in a controlled and realistic environment, where attackers are constrained just enough to require solving challenges in the intended way.

RoboDroid

RoboDroid

RoboDroid is a tool designed to simplify the process of managing Android machines for usage in Cyber Range environments. With RoboDroid, users can easily set up and customize pre-defined behaviors for their Android machines, allowing them to create complex cyber attack scenarios and test their defenses against a wide range of threats.

Dockerized Android

Dockerized Android

Dockerized Android is a container-based framework that allows to execute and Android Emulator inside Docker and control it through a browser. This project has been developed in order to provide a starting point for integrating mobile security components into Cyber Ranges but it can be used for any purpose.

RAUDI

RAUDI

RAUDI (Regularly and Automatically Updated Docker Images) automatically generates and keep updated a series of Docker Images through GitHub Actions for tools that are not provided by the developers.

HOUDINI

HOUDINI

HOUDINI (Hundreds of Offensive and Useful Docker Images for Network Intrusion) is a curated list of Network Security related Docker Images for Network Intrusion purposes. A lot of images are created and kept updated through our RAUDI project which is able to automatically update a Docker Image every time there is a new version.

CVEs

Total: 7Critical: 0High: 3Medium: 4Low: 0

  • CVE ID: CVE-2025-58374

    High

    Auto-approve allows npm install execution of malicious postinstall scripts

    Product
    Roo-Code
    Date
    Sep 04, 2025
    CVSS7.8 / 10
    Advisory

  • CVE ID: CVE-2025-58373

    Medium

    Symlink-bypass of .rooignore leading to unintended file disclosure

    Product
    Roo-Code
    Date
    Sep 04, 2025
    CVSS5.5 / 10
    Advisory

  • CVE ID: CVE-2025-58372

    High

    Potential Remote Code Execution via .code-workspace

    Product
    Roo-Code
    Date
    Sep 04, 2025
    CVSS8.1 / 10
    Advisory

  • CVE ID: CVE-2024-28722

    Medium

    Reflected XSS

    Product
    Innovaphone myPBX
    Date
    Apr 21, 2024
    CVSS6.3 / 10
    NVD

  • CVE ID: CVE-2024-3761

    High

    Missing Authorization on Delete Datasets

    Product
    lunary-ai/lunary
    Date
    May 20, 2024
    CVSS7.5 / 10
    NVD

  • CVE ID: CVE-2023-7194

    Medium

    Reflected XSS

    Product
    Meris WordPress Theme
    Date
    Jan 22, 2024
    CVSS6.1 / 10
    NVD

  • CVE ID: CVE-2022-2535

    Medium

    Unauthenticated Arbitrary Post Title Disclosure

    Product
    SearchWP Live Ajax Search WordPress plugin
    Date
    Aug 15, 2022
    CVSS5.3 / 10
    NVD

Hobbies

Rock Music

Soccer

Table Tennis

Reading

TV Shows/Movies

Traveling

You want to reach out?