FICHA · MANJARO

sh4d0wup

Signing-key abuse and update exploitation framework

  • cli
  • CLI
  • SECURITY
  • NETWORK
  • Launchable
  • Runs in terminal
official+codex · reviewed · May 29, 2026 description in en

Description

Tests whether software update systems can be abused through signing-key weaknesses or unsafe update workflows. Security professionals use it to study update-chain risks and demonstrate where trust controls fail.

This is offensive security tooling. Use it only in authorized labs or systems you are responsible for, because abusing update mechanisms can compromise machines, distribute malicious code, or violate law and policy.

How to run

sh4d0wup

Commands: sh4d0wup

Permissions

Permissions not analysed for this source yet.