gemesa/README.md

Hey!

My name is András Gémes, I am a professional embedded SW engineer at HighTec with a passion for malware analysis and reverse engineering. Previously, I worked as an embedded software engineer at Knorr-Bremse and as a freelancer on Upwork. You can find more information about me at shadowshell.io.

Involvement

I am actively involved in the following cybersecurity projects: Ghidra | binexport (Ghidra plugin only) | shadow-shell | sys-scout

I have contributed to these security projects but am no longer active: aircrack-ng | hcxdumptool | noseyparker

I also have a strong interest in embedded systems: stm32-rf-scanner | stm32-dc-dc | esp32-mqtt

Skills

Languages: C, Rust, Python 3, Assembly (AMD64/x86-64, ARM64/AArch64), Bash

Malware analysis (static): Ghidra, IDA, capa, YARA, DIE, dnSpy, readelf, objdump

Malware analysis (dynamic): x64dbg, VirtualBox, Sysinternals, Regshot, Frida, GDB, eBPF, strace

Network analysis and protocols: Wireshark, Suricata, Zeek, FakeNet-NG, INetSim, TCP, UDP, HTTP, HTTPS, DNS

Platforms and DevOps tools: Linux (Fedora, Ubuntu), Windows, Git, Docker, GitHub Actions, Jenkins

Embedded systems and protocols: STM32, ESP32, AURIX, Wi-Fi, CAN, SPI, UART, I2C

Certifications

Fundamental cybersecurity: CompTIA Security+ | CompTIA CASP+/SecurityX (awaiting certificate) | EC-Council CEH

Malware analysis: Invoke RE IMBT | TCM Security PMAT

Pinned

  1. NationalSecurityAgency/ghidra (Public)

    Ghidra is a software reverse engineering (SRE) framework

    Java 52k 5.9k

  2. shadow-shell (Public)

    Cyber lab designed for analyzing shellcode, exploring memory exploits and supporting malware analysis

    Assembly 6 1

  3. sys-scout (Public)

    Analyze malware dynamically using eBPF

    Rust 1

  4. aircrack-ng/aircrack-ng (Public)

    WiFi security auditing tools suite

    C 5.5k 950

  5. ZerBea/hcxdumptool (Public)

    Small tool to capture packets from wlan devices.

    C 1.8k 396

  6. praetorian-inc/noseyparker (Public)

    Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

    Rust 1.7k 81