Where binaries melt and vulnerabilities are forged.
We are ReverseForge, a two-person elite security research cell operating at the intersection of vulnerability research, binary exploitation, and reverse engineering.
Our mission is simple: Melt complex software down to its raw components, expose the hidden attack surface, and forge proof-of-concepts that force vendors to patch. We don't just find bugs; we architect exploits to prove impact.
“The Forge does not sleep. We reverse. We forge. We disclose.”
We are operating in the most explosive era in vulnerability history. In 2026, for the first time ever, annual CVE publications are projected to surpass 50,000, with realistic scenarios suggesting 70,000 to 100,000 vulnerabilities are possible this year alone. Currently, 131 new CVEs are disclosed every day — and the median time-to-exploit has collapsed to under 5 days.
While AI-powered attack agents like Project Glasswing and autonomous pentesting tools now execute at machine speed, we believe the human edge in reasoning, root-cause analysis, and exploit craftsmanship remains irreplaceable. ReverseForge bridges the gap: we combine deep technical intuition with cutting-edge tooling like Ghidra, Binary Ninja, Frida, angr, and AI-assisted reverse engineering platforms such as Azul and Hyoketsu to deliver adversary-grade vulnerability intelligence .
We are two engineers operating as a single, precision-focused research unit. No bureaucracy. No noise. Just pure technical excellence.
 |
 |
|---|---|
| Mehrdoost Co‑Founder |
Mi0r4 Co‑Founder |
| @Mehrdoost | @miora-sora |
We are not hiring. We are a closed cell. But we are always open to collaboration with vendors committed to fixing their software.
📂 Featured Repository: Vulnerability Writeups
Our core work: full technical breakdowns of discovered vulnerabilities, published only after responsible disclosure windows have been honored. Every advisory follows a strict template covering root cause, exploitation primitives, impact assessment, and vendor remediation guidance.
ReverseForge adheres to a strict Coordinated Vulnerability Disclosure process:
- Discovery: Findings are independently verified and reproduced.
- Notification: Vendors receive a detailed report with a 90-day disclosure deadline (or mutually agreed window).
- Remediation: We provide technical assistance and validate patches.
- Publication: The final writeup is released to this GitHub organization for the benefit of the global security community.
➡️ Read our full policy: SECURITY.md
Here are the weapons we use daily to deconstruct software and forge exploits:
| Category | Primary Tools |
|---|---|
| Disassemblers & Decompilers | Ghidra, IDA Pro, Binary Ninja |
| Dynamic Instrumentation | Frida, DynamoRIO |
| Symbolic Execution | angr, Triton |
| Fuzzing & Harnessing | AFL++, LibFuzzer, custom Python harnesses |
| Exploit Development | pwntools, GDB (with GEF/Pwndbg), custom shellcode frameworks |
| AI-Assisted RE | Custom LLM pipelines for binary summarization and pattern detection |
"We don't break software. We forge its weaknesses into strengths for defenders."
— The ReverseForge Founders
