1,088 questions
6 votes
0 answers
280 views
Local static variables are not initialized if app is loaded as dll
We have sandbox.exe, app.exe and app.dll. If users want to run the not sandboxed application, they run app.exe. If users want to run the application in the sandbox, they run sandbox.exe that loads app....
2 votes
0 answers
75 views
Control-flow obfuscation without increasing code size? [closed]
I'm developing a PE executable packer and want to implement some form of lightweight, simple control-flow obfuscation that doesn't add any extra bytes to the original exe's .text section (i.e. no ...
0 votes
1 answer
63 views
How can I pad the bytes in a section defined by a pragma directive?
So I have these two macros #define ESTART \ _Pragma("optimize(\"\", off)") \ _Pragma("section(\".secure\", execute, read, write)") \ _Pragma("...
0 votes
2 answers
106 views
winapi WriteFileA crashes the program in assembly (nasm)
(I'm on Windows 11) CreateFileA is crashing, but I have no clue why. I know that CreateFileA is crashing because the program doesn't loop at "wat: jmp wat"; instead it stops immediately. I ...
0 votes
0 answers
30 views
nasm, windows PE WriteFile in kernel.dll causes program to stop [duplicate]
When I run this program in cmd, it instantly ends without printing anything and doesn't even reach the loop "wat2: jmp wat2" right after WriteFile. If I place the wat2 loop before WriteFile, ...
4 votes
1 answer
93 views
NASM assembly PE format handwritten imports doesn't import anything
This PE format .EXE program should print "owwwmagawd" in cmd when run, but instead the program hangs without printing anything. I figured there could be a problem with Windows not filling ...
2 votes
2 answers
169 views
Replace-Files Powershell
I'm having some struggles with my PowerShell script. I am trying to make an Automated Script that will Perform the Utilman.exe Hack. The script has menus and options: Load, Unload, List Disk and ...
0 votes
0 answers
136 views
GetProcAddress always returning 0x00000000 after changing the DllBase in the PEB
I'm trying to understand why I'm getting nothing from GetProcAddress(). I have been learning to build my own protected executable. I load a copy of ntdll.dll and map it into memory and then read the ...
2 votes
1 answer
334 views
x64 Reflective DLL Injector (translate C++ to Delphi)
I need an x64 Reflective DLL Injector written in Delphi. I found a C version that works fine (compiled with DevC++ with 64bit app support). I made a Delphi version that compiles fine and without any ...
0 votes
1 answer
81 views
How to find .text section in PE file without PE headers
This is my code to get text section section get_text_section(std::uintptr_t module) { section text_section = {}; PIMAGE_DOS_HEADER dosheader = reinterpret_cast<...
1 vote
0 answers
32 views
Why don't I get the correct function RVA from the PE export table in my loader code?
I'm writing a minimal PE loader that parses the export table to locate functions by name, in my hypervisor. However, when I try to retrieve the RVA of a function, the value seems incorrect. Here's the ...
0 votes
2 answers
124 views
How can I inject user-specific data (like a public key) into a pre-built Go binary without needing Go installed?
I am working on a Go application that encrypts sensitive files using a public key. The goal of my project is to create a customizable encryption tool that allows users to generate an executable ...
3 votes
1 answer
85 views
Read variable value from PE file
I got following C code compiled with GCC on Windows #include <stdio.h> #include <conio.h> int main() { int a = 68639977; printf("int: %d", a); getch(); a++; ...
1 vote
1 answer
142 views
What is `PhysicalAddress` used for in `IMAGE_SECTION_HEADER`?
PhysicalAddress is a member of the Misc union, defined as follows: typedef struct _IMAGE_SECTION_HEADER { BYTE Name[IMAGE_SIZEOF_SHORT_NAME]; union { DWORD PhysicalAddress; ...
1 vote
0 answers
142 views
Why the type of `e_lfanew` field in struct IMAGE_DOS_HEADER(winnt.h) is LONG?
struct IMAGE_DOS_HEADER from Win11 SDK: typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header WORD e_magic; // Magic number WORD e_cblp; // ...