Skip to content
/ GetModuleHandle Public

GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB

ricardojoserf.github.io/getmodulehandle/
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ricardojoserf/GetModuleHandle

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits

GetModuleHandle

GetModuleHandle

 
 

GetModuleHandle.sln

GetModuleHandle.sln

 
 

README.md

README.md

 
 

Repository files navigation

GetModuleHandle - Custom implementation in C#

It works like the GetModuleHandle WinAPI: it takes a DLL name, walks the PEB structure and returns the DLL base address.

It only uses the NtQueryInformationProcess native API call, without using structs.

It works in both 32-bit and 64-bit processes. You can test this using the binaries in the Releases section:

img

Sources

About

GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB

ricardojoserf.github.io/getmodulehandle/

Topics

malware-development getmodulehandle sektor7 dynamic-function-resolution

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Version 1.1 Latest
Jul 9, 2023

Sponsor this project

Languages