Francisco Amato is a cybersecurity entrepreneur and engineer with 13 years of experience building security platforms and communities from New York. As Founder and Chairman of Faraday, he has led development of an open-source vulnerability management platform and driven integrations with tools like NetsparkerCloud. He co-founded and organizes ekoparty, a long-running security conference that reflects his commitment to researcher-driven knowledge sharing. Francisco is also the author of Evilgrade, a notable framework for testing insecure update mechanisms, showing deep hands-on expertise in offensive security. His background in economics from the University of Buenos Aires complements a pragmatic approach to productizing security tooling and running conferences. He blends technical depth in back-end development and plugin ecosystems with a founder’s knack for scaling open-source projects into operational products.
13 years of coding experience
6 years of employment as a software developer
Economics, Economics at University of Buenos Aires
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
Role in this project:
Security Engineer
Contributions:3 releases, 20 commits, 1 PR in 8 years 5 months
Contributions summary:Francisco contributed significantly to the `evilgrade` repository, focusing on injecting malicious code and exploiting vulnerabilities related to software updates. They added modules to target specific software updaters, including Intel Driver Update Utility, Samsung SW Update Tool, and SolarWinds. The commits also reveal interactions with Faraday, suggesting the user worked on integrating the framework with other security tools. This work demonstrates a focus on identifying, exploiting, and potentially automating attacks related to software update processes.
Contributions:4 releases, 204 commits, 3 PRs in 3 years 11 months
Contributions summary:Francisco's commits primarily focus on adding and modifying functionality within the Faraday Penetration Test IDE, particularly in the configuration, GUI, and plugin areas. They have made changes to the configuration files, added features like exporting vulnerabilities to CSV, implemented new functionality in the Faraday plugin, and integrated with external tools like NetsparkerCloud. The commits suggest the user is involved in extending the platform's capabilities for vulnerability management and integration with other security tools.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.