Bypass GetModuleBaseAddress and GetExportAddress in C#

A proof of concept of real and native custom GetExportAddress (GetProcAddress) and GetModuleBaseAddress (GetModuleHandle) in C#.

This took me so long time to code and find resources about it (mostly old and not working anymore or C++). I decided to write that in C# because I didn't find C# implementation of those functions. Also most of native imports I wrote come from ReactOS code I translated to C# and then tested with ProcessHacker for PEB and Detect It Easy for Image structures.
Works with x86 and x64.

TODO

Some code refractoring & improvements
Some docs or explanations

Name		Name	Last commit message	Last commit date
Latest commit History 20 Commits
README.md		README.md
main.cs		main.cs

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

main.cs

main.cs

Repository files navigation

Bypass GetModuleBaseAddress and GetExportAddress in C#

A proof of concept of real and native custom GetExportAddress (GetProcAddress) and GetModuleBaseAddress (GetModuleHandle) in C#.

TODO

About

Releases

Packages

Languages

arsium/BypassGetModuleBaseAddressAndGetExportAddress

Folders and files

Latest commit

History

README.md

README.md

main.cs

main.cs

Repository files navigation

Bypass GetModuleBaseAddress and GetExportAddress in C#

A proof of concept of real and native custom GetExportAddress (GetProcAddress) and GetModuleBaseAddress (GetModuleHandle) in C#.

TODO

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages