Low-level security researcher | Reverse Engineering * Binary Exploitation * Network Attacks * Digital Forensics
Passionate about going deep into systems -- from raw sockets and memory forensics to kernel structures and hardware boundaries.
Currently building a public roadmap of offensive/defensive security tools in Python, C, Bash, and raw assembly when needed. All projects are designed for authorized testing, education, and red/blue team practice.
Current Focus & Interests
- Binary analysis, patching, and exploit development
- Custom network packet crafting and behavioral OS fingerprinting
- Memory & file forensics, side-channel research
- Cloud misconfiguration hunting and risk modeling
- Future deep dives: Kernel Exploitation * Hypervisor Security * Browser Exploitation & Sandbox Escape * Firmware/IoT Low-Level * Secure Boot & Baseband
Featured Projects
| Project | Description | Tech | Stars |
|---|---|---|---|
| Raw_Overflow_Forge | All-in-one ROP exploitation engine: automated binary analysis, gadget chaining, payload generation | Python | 2 |
| shellcode_Weaver | Professional shellcode generator, mutator, and analyzer for research & education | Python | 1 |
| Privilege-Escalator | Linux privilege escalation scanner with parallel vector probing and intelligent chaining | Bash/Shell | 1 |
| Packet Phantom | Next-gen network reconnaissance tool: advanced port scanning, 9-dimensional behavioral OS fingerprinting, evasion suite, educational mode, CDN-ready signature database | Python (Scapy) | New Release |
Public Roadmap - Upcoming Tools (In Development)
Structured 16-project pipeline, released progressively. Each tool is built from scratch with minimal dependencies to deepen low-level understanding.
Phase 2: Networks & Wireless (In Progress)
- ARP Reaper - Silent ARP spoofing & relay attacks with MAC flood simulation (next)
- WiFi Ghost Buster - Aircrack-style scanner with rogue AP detection
- MITM Labyrinth - SSLStrip + BeEF integration with HSTS timing bypass
Phase 3: Forensics & Crypto
- Memory Ghost Carver - Volatility-free RAM parser in C with anti-forensic simulation
- Key Bleeder - Timing & power side-channel attack simulator + defensive jammer
- File Resurrectionist - Sleuth Kit-style carver with steganography hunting
- Crypto Cracker Forge - Custom JohnTheRipper wrapper with salted-hash bypass rules
Phase 4: Cloud & Management
- Cloud Shadow Enum - Public-endpoint AWS/Azure scanner + trail cleanup
- Risk Labyrinth Mapper - Attack-path graphing from Nmap XML with MITRE ATT&CK mapping
- Log Phantom Annihilator - Syslog tampering detector + false-positive injector
- PenTest Command Citadel - Full-cycle Bash framework with autopilot chaining
Projects released progressively -- follow or the repos to get notified.
Tech & Tools I Work With
- Languages: Python * C * Bash * Assembly (x86/x64)
- Domains: Reverse Engineering * Exploit Development * Network Security * Digital Forensics * Cloud Security
- Favorites: Raw sockets * Behavioral fingerprinting * Minimal-dependency tools * Future-proof architectures
Get in Touch
- GitHub: @medaminkh-dev
- Linkedin: @lakhemissi
- Twitter(X): @X4m1n3
- Open to collaboration on low-level security research, CTF tools, or academic projects.
"The closer you get to the metal, the more you understand the system -- and the more dangerous you become."
-- Building in public * One commit at a time.