Alternatives and similar repositories for processrefund:

Users that are interested in processrefund are comparing it to the libraries listed below

• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆184Updated 7 years ago
• BorjaMerino / Pazuzu
  Pazuzu: Reflective DLL to run binaries from memory
  ☆215Updated 4 years ago
• hlldz / APC-PPID
  Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
  ☆157Updated 5 years ago
• GradiusX / HEVD-Python-Solutions
  Python solutions for the HackSysTeam Extreme Vulnerable Driver
  ☆152Updated 4 years ago
• FuzzySecurity / HackSysTeam-PSKernelPwn
  ☆141Updated 8 years ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆177Updated 6 years ago
• 3gstudent / Inject-dll-by-Process-Doppelganging
  Process Doppelgänging
  ☆156Updated 7 years ago
• 3gstudent / CLR-Injection
  Use CLR to inject all the .NET apps
  ☆184Updated 4 years ago
• Darkabode / zerokit
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆182Updated 6 years ago
• Cn33liz / HSEVD-StackOverflowX64
  HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass
  ☆62Updated 7 years ago
• WithSecureLabs / doublepulsar-usermode-injector
  A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…
  ☆118Updated 7 years ago
• praetorian-inc / vulcan
  a tool to make it easy and fast to test various forms of injection
  ☆173Updated 6 years ago
• sensepost / gdi-palettes-exp
  DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects
  ☆145Updated 7 years ago
• hegusung / AVSignSeek
  Tool written in python3 to determine where the AV signature is located in a binary/payload
  ☆314Updated 7 years ago
• HexHive / malWASH
  ☆115Updated 8 years ago
• mattifestation / PIC_Bindshell
  Position Independent Windows Shellcode Written in C
  ☆291Updated 6 years ago
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆149Updated 2 years ago
• atxsinn3r / amsiscanner
  A C/C++ implementation of Microsoft's Antimalware Scan Interface
  ☆181Updated 7 years ago
• pwndizzle / CodeExecutionOnWindows
  A list of ways to execute code on Windows using legitimate Windows tools
  ☆307Updated 5 years ago
• rxwx / CVE-2018-0802
  PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
  ☆270Updated 7 years ago
• bee13oy / AV_Kernel_Vulns
  Pocs for Antivirus Software‘s Kernel Vulnerabilities
  ☆263Updated 7 years ago
• dismantl / ImprovedReflectiveDLLInjection
  An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
  ☆324Updated 7 years ago
• joesecurity / pafishmacro
  Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …
  ☆282Updated 7 years ago
• FuzzySecurity / DefCon25
  UAC 0day, all day!
  ☆278Updated 7 years ago
• cbayet / Exploit-CVE-2017-6008
  Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.
  ☆118Updated 6 months ago
• tyranid / DeviceGuardBypasses
  A repository of some of my Windows 10 Device Guard Bypasses
  ☆136Updated 7 years ago
• Cybereason / Invoke-WMILM
  ☆229Updated 6 years ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆223Updated 2 years ago
• phackt / stager.dll
  Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/
  ☆175Updated 4 years ago
• SherifEldeeb / TinyMet
  A "tiny" meterpreter stager
  ☆128Updated 5 years ago