Spajed/processrefund external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Spajed/processrefund

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Spajed/processrefund)

Close

Spajed / processrefundView on GitHubMore

• External links
• Readme badge

An attempt at Process Doppelgänging

☆183Dec 21, 2017Updated 8 years ago

Alternatives and similar repositories for processrefund

Users that are interested in processrefund are comparing it to the libraries listed below

• 3gstudent / Inject-dll-by-Process-Doppelganging

  View on GitHub
  Process Doppelgänging
  ☆162Dec 19, 2017Updated 8 years ago
• dotfornet / WindowsUtil

  View on GitHub
  ☆14Jan 10, 2017Updated 9 years ago
• uniking / TDI-Demo

  View on GitHub
  ☆17Mar 3, 2016Updated 10 years ago
• int0 / ProcessIsolator

  View on GitHub
  ☆82Dec 3, 2017Updated 8 years ago
• Professor-plum / Reflective-Driver-Loader

  View on GitHub
  ☆408Mar 1, 2017Updated 9 years ago
• swwwolf / wdbgark

  View on GitHub
  WinDBG Anti-RootKit Extension
  ☆646Jul 29, 2020Updated 5 years ago
• secrary / makin

  View on GitHub
  makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
  ☆742Mar 17, 2019Updated 7 years ago
• BreakingMalware / PowerLoaderEx

  View on GitHub
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆382Apr 17, 2017Updated 8 years ago
• swwwolf / cbtest

  View on GitHub
  Windows kernel-mode callbacks tutorial driver
  ☆48Aug 8, 2016Updated 9 years ago
• changeofpace / Remote-Process-Cookie-for-Windows-7

  View on GitHub
  Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
  ☆23May 31, 2017Updated 8 years ago
• AzureGreen / WinNT-Learning

  View on GitHub
  Notes my learning steps about Windows-NT
  ☆23May 18, 2017Updated 8 years ago
• Iamgublin / LockWebPageDriver

  View on GitHub
  锁主页驱动
  ☆42Mar 14, 2019Updated 7 years ago
• hzqst / Syscall-Monitor

  View on GitHub
  Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+
  ☆748Jun 26, 2017Updated 8 years ago
• hatRiot / DelayLoadInject

  View on GitHub
  Code injection via delay load libraries
  ☆36Sep 20, 2017Updated 8 years ago
• xingyun86 / InjectWorker

  View on GitHub
  Windows inject
  ☆17Jun 7, 2018Updated 7 years ago
• mq1n / Wow64SyscallHook

  View on GitHub
  Wow64 syscall hook
  ☆43May 28, 2017Updated 8 years ago
• hcyang1012 / SecurityMonitor

  View on GitHub
  ☆12Feb 19, 2017Updated 9 years ago
• SilverMoonSecurity / SandboxEvasion

  View on GitHub
  Malware sandbox evasion tricks and solution
  ☆32Jul 5, 2017Updated 8 years ago
• sciencemanx / x86-analysis

  View on GitHub
  Static analysis tools for x86 assembly
  ☆13Mar 3, 2017Updated 9 years ago
• zer0mem / MiniHyperVisorProject

  View on GitHub
  IntelVT-X nice feature -> tool
  ☆95Jul 2, 2014Updated 11 years ago
• tandasat / MemoryMon

  View on GitHub
  Detecting execution of kernel memory where is not backed by any image file
  ☆261Jul 11, 2018Updated 7 years ago
• secrary / InjectProc

  View on GitHub
  InjectProc - Process Injection Techniques [This project is not maintained anymore]
  ☆996Feb 10, 2019Updated 7 years ago
• OlSut / Kinject-x64

  View on GitHub
  Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon.
  ☆32Apr 10, 2015Updated 10 years ago
• ivildeed / vmw_vmx_overloader

  View on GitHub
  Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
  ☆141Apr 4, 2017Updated 8 years ago
• Eva1216 / MagicWall

  View on GitHub
  ☆48Nov 7, 2018Updated 7 years ago
• blacknbunny / shellcode2assembly

  View on GitHub
  ARCH : ARM, ARM64, MIPS, PPC, X86
  ☆86Apr 9, 2019Updated 6 years ago
• tandasat / EopMon

  View on GitHub
  Elevation of privilege detector based on HyperPlatform
  ☆123Mar 5, 2017Updated 9 years ago
• leeqwind / MBRhack

  View on GitHub
  感染MBR 下载并运行文件。
  ☆33Aug 23, 2022Updated 3 years ago
• karol-gruszczyk / win-rootkit

  View on GitHub
  ☆24Feb 21, 2016Updated 10 years ago
• hrbust86 / HookMsrBySVM

  View on GitHub
  hook msr by amd svm
  ☆125Dec 30, 2019Updated 6 years ago
• Nukem9 / VirtualDbg

  View on GitHub
  Test code only. Not reliable for actual use.
  ☆63Jan 1, 2016Updated 10 years ago
• secrary / Hooking-via-InstrumentationCallback

  View on GitHub
  codes for my blog post: https://secrary.com/Random/InstrumentationCallback/
  ☆182Nov 30, 2017Updated 8 years ago
• int0 / ltmdm64_poc

  View on GitHub
  ☆30May 23, 2017Updated 8 years ago
• tinysec / windows-syscall-table

  View on GitHub
  windows syscall table from xp ~ 10 rs4
  ☆356Jun 8, 2018Updated 7 years ago
• hfiref0x / Stryker

  View on GitHub
  Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
  ☆111Feb 25, 2018Updated 8 years ago
• hasherezade / process_doppelganging

  View on GitHub
  My implementation of enSilo's Process Doppelganging (PE injection technique)
  ☆640Aug 30, 2022Updated 3 years ago
• IgorKorkin / AllMemPro

  View on GitHub
  AllMemPro
  ☆46Jan 15, 2018Updated 8 years ago
• imgits / ShellcodeVM

  View on GitHub
  ShellcodeVM
  ☆15Jun 20, 2016Updated 9 years ago
• tandasat / RemoteWriteMonitor

  View on GitHub
  A tool to help malware analysts tell that the sample is injecting code into other process.
  ☆78Aug 12, 2015Updated 10 years ago