An attempt at Process Doppelgänging
☆183Dec 21, 2017Updated 8 years ago
Alternatives and similar repositories for processrefund
Users that are interested in processrefund are comparing it to the libraries listed below
Sorting:
- Process Doppelgänging☆162Dec 19, 2017Updated 8 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- ☆82Dec 3, 2017Updated 8 years ago
- ☆17Mar 3, 2016Updated 9 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22May 31, 2017Updated 8 years ago
- Windows kernel-mode callbacks tutorial driver☆48Aug 8, 2016Updated 9 years ago
- ☆408Mar 1, 2017Updated 8 years ago
- Code injection via delay load libraries☆36Sep 20, 2017Updated 8 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- PowerLoaderEx - Advanced Code Injection Technique for x32 / x64☆383Apr 17, 2017Updated 8 years ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆742Mar 17, 2019Updated 6 years ago
- WinDBG Anti-RootKit Extension☆645Jul 29, 2020Updated 5 years ago
- 锁主页驱动☆42Mar 14, 2019Updated 6 years ago
- ☆14Aug 15, 2018Updated 7 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆141Apr 4, 2017Updated 8 years ago
- hook msr by amd svm☆125Dec 30, 2019Updated 6 years ago
- Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon.☆32Apr 10, 2015Updated 10 years ago
- Wow64 syscall hook☆43May 28, 2017Updated 8 years ago
- Windows inject☆16Jun 7, 2018Updated 7 years ago
- An Ark tool project,run on Win7 x86/x64☆118Jul 11, 2017Updated 8 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆747Jun 26, 2017Updated 8 years ago
- ARCH : ARM, ARM64, MIPS, PPC, X86☆86Apr 9, 2019Updated 6 years ago
- Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.☆48Nov 9, 2014Updated 11 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆110Feb 25, 2018Updated 8 years ago
- ☆34Sep 22, 2017Updated 8 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- windows syscall table from xp ~ 10 rs4☆356Jun 8, 2018Updated 7 years ago
- Test code only. Not reliable for actual use.☆63Jan 1, 2016Updated 10 years ago
- ☆30May 23, 2017Updated 8 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- IntelVT-X nice feature -> tool☆95Jul 2, 2014Updated 11 years ago
- Exploiting CPU-Z Driver To Turn Load Unsigned Drivers☆131Aug 10, 2017Updated 8 years ago
- Elevation of privilege detector based on HyperPlatform☆123Mar 5, 2017Updated 8 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- InjectProc - Process Injection Techniques [This project is not maintained anymore]☆998Feb 10, 2019Updated 7 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- Detecting execution of kernel memory where is not backed by any image file☆261Jul 11, 2018Updated 7 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆232Jul 26, 2020Updated 5 years ago