GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Dewera → Lunar

Dewera / Lunar

Licence: mit
A lightweight native DLL mapping library that supports mapping directly from memory

Labels

reverse-engineering

Projects that are alternatives of or similar to Lunar

Gta Reversed
Reversed code of GTA:SA executable (gta_sa.exe) 1.0 US
Stars: ✭ 297 (-13.91%)
Mutual labels:  reverse-engineering
E9patch
A powerful static binary rewriting tool
Stars: ✭ 317 (-8.12%)
Mutual labels:  reverse-engineering
Avatar2
Python core of avatar²
Stars: ✭ 334 (-3.19%)
Mutual labels:  reverse-engineering
Xia0lldb
LLDB python scripts for iOS arm64 reversing by xia0
Stars: ✭ 299 (-13.33%)
Mutual labels:  reverse-engineering
Umlgraph
Declarative specification and drawing of UML diagrams
Stars: ✭ 314 (-8.99%)
Mutual labels:  reverse-engineering
Pikachu Volleyball
Pikachu Volleyball implemented into JavaScript by reverse engineering the original game
Stars: ✭ 324 (-6.09%)
Mutual labels:  reverse-engineering
Hal
HAL – The Hardware Analyzer
Stars: ✭ 298 (-13.62%)
Mutual labels:  reverse-engineering
Beaengine
BeaEngine disasm project
Stars: ✭ 342 (-0.87%)
Mutual labels:  reverse-engineering
Vmlinux To Elf
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
Stars: ✭ 317 (-8.12%)
Mutual labels:  reverse-engineering
Medfusion 4000 Research
Medfusion 4000 security research & a MQX RCE.
Stars: ✭ 331 (-4.06%)
Mutual labels:  reverse-engineering
Polichombr
Collaborative malware analysis framework
Stars: ✭ 307 (-11.01%)
Mutual labels:  reverse-engineering
Reverse Engineering Tutorial
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 5,763 (+1570.43%)
Mutual labels:  reverse-engineering
Iblessing
iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-5.51%)
Mutual labels:  reverse-engineering
Macbook
《macOS软件安全与逆向分析》随书源码
Stars: ✭ 302 (-12.46%)
Mutual labels:  reverse-engineering
Findcrypt Ghidra
IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database
Stars: ✭ 340 (-1.45%)
Mutual labels:  reverse-engineering
Lua re
reverse engineering for lua(lua/luac/luajit/lua_dec/lua_loader/lua_proc)
Stars: ✭ 299 (-13.33%)
Mutual labels:  reverse-engineering
Idenlib
idenLib - Library Function Identification [This project is not maintained anymore]
Stars: ✭ 322 (-6.67%)
Mutual labels:  reverse-engineering
Decomp
Components of a decompilation pipeline.
Stars: ✭ 343 (-0.58%)
Mutual labels:  reverse-engineering
Counterfeit ds18b20
How to tell original from fake DS18B20 temperature sensors.
Stars: ✭ 341 (-1.16%)
Mutual labels:  reverse-engineering
Ddisasm
A fast and accurate disassembler
Stars: ✭ 325 (-5.8%)
Mutual labels:  reverse-engineering
View All Similar Projects ➔

Lunar

A lightweight native DLL mapping library that supports mapping directly from memory

Notable features

  • Exception handler initialisation
  • Security cookie generation
  • SxS dependency resolution
  • TLS callback execution
  • x86 and x64 support

Caveats

  • The latest version of the PDB for ntdll.dll is downloaded and cached on disk by the library

Getting started

The example below demonstrates a basic implementation of the library

var process = Process.GetProcessesByName("")[0];

var dllFilePath = "";

var flags = MappingFlags.DiscardHeaders;

var mapper = new LibraryMapper(process, dllFilePath, flags);

mapper.MapLibrary();

LibraryMapper Class

Provides the functionality to map a DLL from disk or memory into a process

public sealed class LibraryMapper

Constructors

Initialises an instance of the LibraryMapper class with the functionality to map a DLL from memory into a process

public LibraryMapper(Process, Memory<byte>, MappingFlags);

Initialises an instance of the LibraryMapper class with the functionality to map a DLL from disk into a process

public LibraryMapper(Process, string, MappingFlags);

Properties

The base address of the DLL in the process after it has been mapped

public IntPtr DllBaseAddress { get; }

Methods

Maps the DLL into the process

public void MapLibrary();

Unmaps the DLL from the process

public void UnmapLibrary();

MappingFlags Enum

Defines actions that the mapper should take during the mapping process

[Flags]
public enum MappingFlags

Fields

Default flag

MappingsFlags.None

Specifies that the header region of the DLL should not be mapped

MappingsFlags.DiscardHeaders

Specifies that any TLS callbacks and DllMain should not be called

MappingsFlags.SkipInitialisationRoutines
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].