Dreg

Senior Malware Researcher, OS Internals, C/C++, assembler, reversing, forensics, hardware hacking, x86_64, AVR, ARM & PIC

Projects

gef

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Python - Released: 26 Mar 2015 - 6,566

anticuckoo

A tool to detect and crash Cuckoo Sandbox

C - Released: 14 Jun 2015 - 285

gef-extras

Extra goodies for GEF to (try to) make GDB suck even less

Python - Released: 05 May 2017 - 143

DbgChild

Debug Child Process Tool (auto attach)

C - Released: 26 Mar 2017 - 261

hardware_hacking_es

Hardware Hacking ES Comunidad

Python - Released: 14 Sep 2023 - 62

okhi

Open Keylogger Hardware Implant - USB & PS2 Keyboards

C - Released: 05 Aug 2024 - 50

masm32-kernel-programming

masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)

Assembly - Released: 21 Jul 2023 - 110

shellex

C-shellcode to hex converter, handy tool for paste & execute shellcodes in IDA PRO, gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor

C - Released: 20 Dec 2020 - 105

enyelkm

LKM rootkit for Linux x86 with the 2.6 kernel. It inserts jumps inside system_call and sysenter_entry.

C - Released: 10 Jul 2015 - 81

x64dbg-exploiting

Do you want to use x64dbg instead of Immunity Debugger? OSCP and eCPPTv2 buffer overflow exploit PoCs

Released: 19 Dec 2020 - 72

cgaty

Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)

C - Released: 10 Jul 2015 - 70

x86osdev

x86 OS development using Bochs emulator. MIT xv6, JamesM's kernel development tutorials (with some changes) & more

C++ - Released: 21 Jul 2022 - 69

ida_bochs_windows

Helper script for Windows kernel debugging with IDA Pro on native Bochs debugger (including PDB symbols)

Python - Released: 14 Jul 2022 - 60

lsrootkit

Rootkit Detector for UNIX

C - Released: 27 May 2018 - 60

ida_vmware_windows_gdb

Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)

Python - Released: 08 Jul 2022 - 58

ftdibrick

FTDI bricker just for fun - malware POC+hardware hacking CTF

C - Released: 19 Apr 2024 - 14

phook

Full DLL Hooking, phrack 65

C - Released: 10 Jul 2015 - 44

xshellex

With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger

C - Released: 20 Dec 2020 - 37

bochs_linux_kernel_debugging

Tools for Linux kernel debugging on Bochs (including symbols, native Bochs debugger and IDA PRO)

Python - Released: 22 Aug 2022 - 30

linux_kernel_debug_disassemble_ida_vmware

Helper script for Linux kernel disassembly or debugging with IDA Pro on VMware + GDB stub (including some symbol helpers)

Python - Released: 20 Sep 2020 - 29

evilmass_at90usbkey2

Evil mass storage AT90USBKEY2 (PoC malware tool for offline systems)

C - Released: 01 Apr 2020 - 29

dregate

Call gates as a stable communication channel for NT x86 and Linux x86_64

C++ - Released: 05 Sep 2022 - 27

nasm_linux_x86_64_pure_sharedlib

NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection

Shell - Released: 29 Jun 2022 - 26

windbgtocstruct

Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if needed

Python - Released: 07 Oct 2022 - 25

auxlib

Full reversing of the Microsoft Auxiliary Windows API Library and ported to C

C - Released: 09 Jul 2015 - 23