Name: Dreg
Type: User
Company: rootkit.es
Bio: Senior Malware Researcher, OS Internals, C/C++, assembler, reversing, forensics, hardware hacking, x86_64, AVR, ARM & PIC
Twitter: therealdreg
Location: Spain
Blog: https://www.rootkit.es
Dreg's Projects
A tool to detect and crash Cuckoo Sandbox
antidebug1
AsProgrammer dregmod allows you to program flash memory over the SPI, I2C and MicroWire protocols. Supports Buzzpirat, Bus Pirate, CH341a, UsbAsp, AVRISP(LUFA), Arduino & FT232H
Software UART for AVR like AltSoftSerial or NeoICSerial without Arduino layer
Original sources and programs for AT90USBKEY2 + own code & patches
Automate bootloader+firmware+update+self_test on Bus Pirate v3 with Arduino and Python. Firmware 7.1 bootloader 4.5
Full reversing of the Microsoft Auxiliary Windows API Library and ported to C
Bochs - Cross Platform x86 Emulator Project
Bochs Enhanced Debugger (bochs-bed). A modern console debug experience.
Tools for Linux kernel debugging on Bochs (including symbols, native Bochs debugger and IDA PRO)
SoftICE-like kernel debugger for Windows 11
All-In-One Ruggedized Hardware Hacking tool for learning, practice and play. Using the same hardware as Bus Pirate v3 but with some enhancements. Special firmware Bus Pirate v3.
BZub.CX Malware Reversing
short crackme for Windows XP SP3 (32 bit version). ring0 stuff. IMO very fun x-)
radare2 script to fix disasm with call tricks for strings
Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
Teensy Core Libraries for Arduino
Debug Child Process Tool (auto attach)
my radare2 r2panels
call gates as stable communication channel for NT x86 and Linux x86_64
(Dreg's fork) A compiler and interpreter of a toy language. Using C++, Flex and Bison. "While language"
Dreg's fork: Simple tool to build using MASM (Masm32v11r) & run on Linux via terminal. Based on olivatooo's masm32-wine project, very handy for GitHub Actions pipelines.
my own dregs-win64-bochsdbg-build
dregshells
drx ptrace shellcode injector
hook detector using emulation and comparing static with dynamic outputs
LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
evil mass storage *AT90USBKEY2 (poc-malware-tool for offline system)
Dreg's fork flashrom special edition for Buzzpirat & Bus pirate