Low-level security researcher | Reverse Engineering · Binary Exploitation · Network Attacks · Digital Forensics
Passionate about going deep into systems — from raw sockets and memory forensics to kernel structures and hardware boundaries.
Currently building a public roadmap of offensive/defensive security tools in Python, C, Bash, and raw assembly when needed. All projects are designed for authorized testing, education, and red/blue team practice.
- Binary analysis, patching, and exploit development
- Custom network packet crafting and wireless attacks
- Memory & file forensics, side-channel research
- Cloud misconfiguration hunting and risk modeling
- Future deep dives: Kernel Exploitation · Hypervisor Security · Browser Exploitation & Sandbox Escape · Firmware/IoT Low-Level · Secure Boot & Baseband
| Project | Description | Tech | Stars |
|---|---|---|---|
| Raw_Overflow_Forge | All-in-one ROP exploitation engine: automated binary analysis, gadget chaining, payload generation | Python | ⭐ 2 |
| shellcode_Weaver | Professional shellcode generator, mutator, and analyzer for research & education | Python | ⭐ 1 |
| Privilege-Escalator | Linux privilege escalation scanner with parallel vector probing and intelligent chaining | Bash/Shell | ⭐ 1 |
I'm working through a structured 16-project pipeline, released in phases. Each tool is built from scratch (no heavy dependencies) to deepen low-level understanding.
- Packet Phantom – Raw socket packet forger (SYN floods, TCP hijacks) + honeypot echo mode
- ARP Reaper – Silent ARP spoofing & relay attacks with MAC flood simulation
- WiFi Ghost Buster – Aircrack-style scanner with rogue AP detection
- MITM Labyrinth – SSLStrip + BeEF integration with HSTS timing bypass
- Memory Ghost Carver – Volatility-free RAM parser in C with anti-forensic simulation
- Key Bleeder – Timing & power side-channel attack simulator + defensive jammer
- File Resurrectionist – Sleuth Kit-style carver with steganography hunting
- Crypto Cracker Forge – Custom JohnTheRipper wrapper with salted-hash bypass rules
- Cloud Shadow Enum – Public-endpoint AWS/Azure scanner + trail cleanup
- Risk Labyrinth Mapper – Attack-path graphing from Nmap XML with MITRE ATT&CK mapping
- Log Phantom Annihilator – Syslog tampering detector + false-positive injector
- PenTest Command Citadel – Full-cycle Bash framework with autopilot chaining
Projects will be released progressively — follow or ⭐ the repo to get notified.
- Languages: Python · C · Bash · Assembly (x86/x64)
- Domains: Reverse Engineering · Exploit Development · Network Security · Digital Forensics · Cloud Security
- Favorites: Raw sockets · Memory parsing · Custom exploit chains · Minimal-dependency tools
- GitHub: @medaminkh-dev
- Open to collaboration on low-level security research, CTF tools, or academic projects.
“The closer you get to the metal, the more you understand the system — and the more dangerous you become.”
— Building in public · One commit at a time.