Cybersecurity & Edge Infrastructure — Independent Engineer

Fabrizio Salmi

Working at the intersection of Enterprise Reliability and Creative Innovation. Open-source tools for autonomous infrastructure, AI security, and sovereign tech.

4,003 stars Published research TLA+ verified protocol

GitHub LinkedIn ResearchGate

Previously

MainStreaming · Borsa Italiana / LSEG / Euronext · SORINT.lab · Userfarm · Clouditalia

20+ years across streaming infrastructure, financial markets, and edge networks.

14 recommendations on LinkedIn →

Featured

4,003 total stars across 72 repositories

certmate

SSL Certificate Management System (API + UI)

Python 91 12 v2.11.2 MIT

caddy-waf

Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)

Go 29 8 v0.3.3 AGPL-v3.0

zion

High-performance TLS reverse proxy with built-in WAF, written in Rust.

Rust 1 2 v0.3.0 Apache 2.0

llmproxy

Security-first proxy for Large Language Models

Python 3 2 v1.21.60 MIT

Currently available for

NIS2 Gap Assessment

Automated compliance mapping (D.Lgs 138/2024, Art. 21-23). Risk scoring by domain, prioritized remediation roadmap. Fixed price, delivered in 5 working days.

Edge Security & WAF Architecture

Caddy/Envoy/custom edge deployment, WAF tuning, multi-tenant certificate infrastructure.

AI Security & LLM Gateway Hardening

LLM proxy hardening, DLP for AI endpoints, prompt injection defense, audit/compliance for AI workloads.

Open-source consulting for European organizations

Sovereignty-aligned, code-first, NIS2-ready.

Email me LinkedIn

Research

Decentralized protocol design with formal verification. Published research on ResearchGate.

AIMP -- AI Mesh Protocol

Serverless networking protocol for resilient state synchronization between autonomous agents. Merkle-CRDTs, Ed25519 identity, integer log-odds epistemic layer. Formally verified via TLA+ (46,063 states, 199,902 configurations). 98-142x faster than Subjective Logic / Dempster-Shafer.

Rust TLA+ formal verification Noise Protocol XX MIT

Published Papers

I AIMP: Design and Evaluation of a Serverless Merkle-CRDT Protocol for Edge Agent Synchronization II Epistemic Layer: Integer Log-Odds Belief Aggregation and Trust Propagation III Correlation-Aware Aggregation: Grid-Cell Discounting for Correlated Evidence Sources IV Deterministic Semantic Topologies: SimHash Embeddings and Autonomous Edge Generation

Web Security & Edge

WAF platforms, certificate lifecycle management, threat detection, and edge security tooling.

patterns

Automated OWASP CRS and Bad Bot Detection for Nginx, Apache, Traefik and HaProxy

wildbox

An open-source security platform for the community. Unified SIEM, SOAR, WAF, and more in a single, self-hosted solution.

Python 8 3 v0.6.0 MIT

caddy-mib

Track and ban client IPs generating repetitive errors on Caddy

Go 4 3 v1.0.1 AGPL-v3.0

secure-proxy-manager Secure proxy solution with filtering, real-time monitoring and a modern web UI. 34 limits Automated rate limits implementation for web servers 18 nginx-waf-ai Automatically detect threats and deploy WAF rules using machine learning 9 fqdn-model Tiny and fast FQDN classifier to detect malicious domains 5 caddy-feeds IP blacklist, DNS blacklist and OWASP rules daily updated for caddy-waf 2 domainmate Domain and security monitoring system 1 netfence Like Envoy xDS, but for eBPF filters 1 proxymate macOS menu bar proxy with WAF, privacy, AI agent enforcement, and threat intelligence New

Autonomous Infrastructure

Proxmox autoscaling, Cloudflare automation, DNS management, and network monitoring.

proxmox-vm-autoscale

Automatically scale virtual machines resources on Proxmox hosts

Python 24 8 v0.1.1 MIT

proxmox-lxc-autoscale

Automatically scale LXC containers resources on Proxmox hosts

Python 11 4 v2.0.1 MIT

lws Unified command line interface for Proxmox, LXC and Docker. 70 websites-monitor Websites monitoring via GitHub Actions/API (expiration, security, performances, privacy, SEO) 55 cf-box cf-box is a set of Python tools to play with API and multiple Cloudflare accounts. 32 proxmox-lxc-autoscale-ml Automatically scale the LXC containers resources on Proxmox hosts with AI 27 zonecontrol Cloudflare Zones Settings Automation using GitHub Actions 27 dnscontrol-actions Automate DNS updates and rollbacks across multiple providers using DNSControl and GitHub Actions 18 proxmox-cluster-balancer Balance, scale, migrate your LXC fleet across your Proxmox nodes 7 wafcontrol Cloudflare WAF Settings Automation using GitHub Actions 7 proximity An immersive management layer for Proxmox based personal infrastructure. 4 cloudflare-backup-actions Cloudflare zones and records backup via Github Actions 2 asn-api ASN intelligence system New project-pegaprox The ultimate datacenter management solution for Proxmox VE and XCP-NG. Unified multi-cluster control, intelligent load balancing, and seamless cross-cluster VM migrations — all in one beautiful interface. New rainlogs Cloudflare log archiving for NIS2-compliant European businesses New

Compliance, AI Security & Sovereign Tech

Tools aligned with European data sovereignty, AI safety, and NIS2 readiness.

blacklists

Daily updated domains blacklist 🚫

Python 1 6 GPL-v3.0

nis2-public

NIS2 Continuous Posture Management and Remediation Platform

Python 2 4 v2.5.12 AGPL-v3.0

aidlp

Data Loss Prevention (DLP) for LLM endpoints.

Python 1 2 v1.0.0 MIT

AI & Data Tooling

Experiments and utilities.

UglyFeed Retrieve, aggregate, filter, evaluate, rewrite and serve RSS feeds using Large Language Models for fun, research and learning purposes 312 DevGPT Code togheter, right now! GPT powered code assistant to build project in minutes 71 iamnotacoder AI code generation and improvement 33 vibe-check Anti-slop CI/CD gatekeeper (GitHub action) 21 csv-anonymizer CSV fuzzer/anonymizer 10 newsgator Yet another RSS feed aggregator with LLM powers. 10 ethical-ai Automate LLM ethical self-assessments 6 audiogen AI-Powered Sound Generation & Classification. 4 silicondev Local LLM fine-tuning and chat for Apple Silicon 3 llm-benchmarks benchmarking large language models (LLMs) with a focus on their mathematical capabilities 2 gitoma AI-powered GitHub repository improvement agent New

Other Projects

Utilities, experiments, and cross-domain tooling.

brandkit Yet another brand assets generator 63 pdf-ocr Converts scanned PDF documents to multiple formats using Optical Character Recognition 22 proxxx Terminal cockpit for Proxmox VE & PBS — Rust TUI + CLI, single static binary, six-stage commit gate, no agent on the cluster. 14 webtek WebTeK: the worldwide streaming teknival ꩜ https://webtek.live 9 You-Know-What-AI-Mean A practical guide to AI ethics and responsibility, built from a real-world incident — and from the body of work that came after. 4 aimp A serverless networking protocol designed for resilient state synchronization between autonomous agents in fragmented, low-bandwidth networks 3 mixi Deterministic audio workstation. Browser-native. Zero install. Dual decks, Rust/Wasm DSP, WebGPU visuals, 19 instruments, automixer, beatmatching, 17 skins, MIDI, headphone cue. 3 speedmate A lightweight, zero-configuration WordPress performance plugin 3 open-video-watermark A video watermarking web application 2 mixi-cut Open-source timecode vinyl signal generator for DVS lathe cutting (MIXI-CUT protocol) 1 nis2-model NIS2 Compliance Assistant 1 open-bpm High-accuracy BPM detection 1 tanstack-compromise-checker Shell script to detect TanStack npm supply chain attack indicators (CVE-2026-45321 / GHSA-g7cv-rxg3-hmpx) 1 ai-security AI Security - Guida in Italiano New certmate-agent Lightweight LLM-powered assistant for CertMate. Local LLM + 1:1 REST tools + RAG over docs. New certmate-tools Free, privacy-first client-side TLS / certificate / ACME tools — companion to CertMate New chatterbox-tts-api Local, OpenAI-compatible text-to-speech (TTS) API using Chatterbox, enabling users to generate voice cloned speech anywhere the OpenAI API is used (e.g. Open WebUI, AnythingLLM, etc.) New free-claude-code Use claude-code for free in the terminal, VSCode extension or discord like OpenClaw (voice supported) New gitoma-bench-supply-chain Adversarial supply-chain stress test corpus for gitoma G21/G22 critics — intentional CVEs + secrets + IaC misconfigs New l0-git Deterministic project-hygiene quality gates for the open workspace (cli + MCP + VSCode extension) New l0-memory Minimal long-term memory for AI assistants: Go MCP server + SQLite + VSCode extension New logos Dynamic SVG asset generation service built in Go New mixi-decks Drop-in plugins for the Mixi platform New mixi-skin-generator MIXI skin generator New mixi-sync-framework Deterministic test harness for mixi sync engine — 68/68 scenarios PASS, B6+B7 fixes shipped in mixi v0.5.10 New occam-observer An Out-of-Band, Event-Driven Git Telemetry Daemon New space23 Music-driven vertical shoot-'em-up that runs in your browser. Godot 4 + WebAssembly, deployed to GitHub Pages. New txt2vst Generate VST3/AU instruments from natural language New

4,003

Stars

72

Repositories

289

Forks

5

Languages

Python (38) Go (8) Rust (5) TypeScript (5) HTML (3) Other (4)