Skip to content
/ GetModuleHandle Public

GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB

ricardojoserf.github.io/getmodulehandle/
7 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ricardojoserf/GetModuleHandle

1 Branch2 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ricardojoserfricardojoserf
Add files via upload
Feb 9, 2024
fcb59ff · Feb 9, 2024

History

11 Commits
GetModuleHandle
GetModuleHandle
Feb 9, 2024
GetModuleHandle.sln
GetModuleHandle.sln
Jul 8, 2023
README.md
README.md
Feb 9, 2024

Repository files navigation

GetModuleHandle - Custom implementation in C#

It works like the GetModuleHandle WinAPI: it takes a DLL name, walks the PEB structure and returns the DLL base address.

It only uses the NtQueryInformationProcess native API call, without using structs.

It works in both 32-bit and 64-bit processes. You can test this using the binaries in the Releases section:

img

Sources

About

GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB

ricardojoserf.github.io/getmodulehandle/

Topics

malware-development getmodulehandle sektor7 dynamic-function-resolution

Resources

Readme
Activity

Stars

7 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

Version 1.1 Latest
Jul 9, 2023

Sponsor this project

@ricardojoserf ricardojoserf Ricardo Ruiz
Sponsor
Learn more about GitHub Sponsors

Languages