Pinned Repositories
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
akabe1-semgrep-rules
My collection of Semgrep rules for vulnerability detection on source code (swift, java)
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
android_kernel_xiaomi_msm8937
My porting kernel for Xiaomi Redmi 3S. The cameras and fingerprint don't work yet.
ARTful
The ARTful library for dynamically modifying the Android Runtime
ATSCAN
Advanced dork Search & Mass Exploit Scanner
awesome-bugbounty-tools
A curated list of various bug bounty tools
awesome-embedded-and-iot-security
A curated list of awesome embedded and IoT security resources.
awesome-incident-response
A curated list of tools for incident response
sliver_extension_uac_bypass_cmstp
Sliver extension to bypass UAC via cmstp written in rust
rmashadi's Repositories
rmashadi/sliver_extension_uac_bypass_cmstp
Sliver extension to bypass UAC via cmstp written in rust
rmashadi/AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
rmashadi/akabe1-semgrep-rules
My collection of Semgrep rules for vulnerability detection on source code (swift, java)
rmashadi/awesome-incident-response
A curated list of tools for incident response
rmashadi/BadUnboxing
Automated Android custom unpacker generator
rmashadi/blutter
Flutter Mobile Application Reverse Engineering Tool
rmashadi/curl
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
rmashadi/cve_2024_0044
CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
rmashadi/Docker-OSX
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
rmashadi/DVIA-v2
Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment.
rmashadi/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
rmashadi/frida-ios-hook
A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
rmashadi/iOS_Reverse_Engineering
The iOS IPA file Reverse Engineering reference
rmashadi/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
rmashadi/OSX-KVM
Run macOS on QEMU/KVM. With OpenCore + Monterey + Ventura + Sonoma support now! Only commercial (paid) support is available now to avoid spammy issues. No Mac system is required.
rmashadi/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
rmashadi/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
rmashadi/radare2
UNIX-like reverse engineering framework and command-line toolset
rmashadi/rmashadi.github.io
rmashadi/RMS-Runtime-Mobile-Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
rmashadi/scapy
Scapy: the Python-based interactive packet manipulation program & library.
rmashadi/Shellcode-Loader
This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
rmashadi/smart-contracts-audit-checklist
rmashadi/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
rmashadi/testdisk
TestDisk & PhotoRec
rmashadi/threat-dragon
An open source threat modeling tool from OWASP
rmashadi/toolkit
The essential toolkit for reversing, malware analysis, and cracking
rmashadi/usbmuxd
A socket daemon to multiplex connections from and to iOS devices
rmashadi/webp-CVE-2023-4863
rmashadi/XSStrike
Most advanced XSS scanner.