sh4m2hwz
“People must communicate. They will make mistakes, and we will exploit them.”–James Clapper, DNI
Pinned Repositories
antidebug
Self-modification code with mutation with vectorization obfuscation (self-written)
botnets_rep_rsrc
botnets repository resources
Deobfuscation_path_learn
Deobfuscation path life resources
devirt_vmp
devirtualization vmprotect
devirt_vmprotect3
PLC_make_decompilers
Professional make decompilers for any plc bytecode
triton_ast_llvm_ir_translator
pluggable tool to convert an unrolled TritonAST to LLVM-IR, optimize it and get back to TritonAST
VMPSimplifierUltra
Simplifier vmp ultra
win_exp_resoures
Windows exploitation resources
x64-obfuscator
x64 obfuscator
sh4m2hwz's Repositories
sh4m2hwz/AvillaForensics
Avilla Forensics 3.0
sh4m2hwz/dex2c
🎇 AOT compiler to translate dalvikvm code into cpp code
sh4m2hwz/DoubleDrive
A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
sh4m2hwz/e9patch
A powerful static binary rewriting tool
sh4m2hwz/EternalBlueC
EternalBlue suite remade in C/C++ which includes: MS17-010 Exploit, EternalBlue vulnerability detector, DoublePulsar detector and DoublePulsar Shellcode & DLL uploader
sh4m2hwz/FBI-tools
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
sh4m2hwz/fgt-gadgets
Fortigate related tools
sh4m2hwz/FirmWire
FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares
sh4m2hwz/gef-kernel
GEF - GDB Enhanced Features for exploit devs & reversers
sh4m2hwz/Infiltrax
Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve clipboard contents, log keystrokes, and install AnyDesk for persistent remote access.
sh4m2hwz/ityfuzz
Blazing Fast Bytecode-Level Hybrid Fuzzer for Smart Contracts
sh4m2hwz/mba
Mixed Boolean-Arithmetic
sh4m2hwz/MBA-Obfuscator
Non-linear Mixed Boolean-Arithmetic Expressions
sh4m2hwz/Mergen
Deobfuscation via optimization with usage of LLVM IR and parsing assembly.
sh4m2hwz/mssql-spider
Automated exploitation of MSSQL servers at scale
sh4m2hwz/Nidhogg
Nidhogg is an all-in-one simple to use rootkit.
sh4m2hwz/OpenGPT-4o
OpenGPT 4o is a free alternative to OpenAI GPT 4o
sh4m2hwz/PRET
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
sh4m2hwz/recaptcha-phish
Phishing with a fake reCAPTCHA
sh4m2hwz/sonicwall-gadgets
sh4m2hwz/STEVE-1
STEVE-1: A Generative Model for Text-to-Behavior in Minecraft
sh4m2hwz/themida-unmutate
Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.
sh4m2hwz/tinywasm
A tiny, interpreted WebAssembly Runtime written in Rust
sh4m2hwz/Unwinder
Call stack spoofing for Rust.
sh4m2hwz/urh
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
sh4m2hwz/Venoma
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
sh4m2hwz/VMHide
Bypasses VMProtect's VMWare & VMWare Tools detection through user-mode API hooks.
sh4m2hwz/VmpHelper
an ida plugin used to decompile vmp
sh4m2hwz/wasker
Wasm compiler for running Wasm on your favorite kernel
sh4m2hwz/WhatsApp-extension-manipulation-PoC
Android malware (.apk) can be spread through a fake PDF document by manipulating the file extension in the WhatsApp application. PoC is available in this repo