RunExeFromMemory is a c++ made project that allows you to use a well known technique in cybersecurity and malware analysis called "Process Hollowing", It's used in packers and loaders to run an executable inside the memory space of another process.
- Map a desk file into a buffer (byte array).
- Run x32 and x64 executables inside of another process.
- Make sure that your build matches the exe you want to run from memory -You can check the exe build mode using a tool like :- DIE
- Include all the needed header files to you project, which are located in pch.h
git clone https://github.com/Dotechs/RunExeFromMemory
Open the RunExeFromMemory.sln
MIT Attribution License
This project is for educational purposes only. The use of RunExeFromMemory for any malware or any illegal projects is not permitted and I completely disclaim any responsibility for this.
Discord: dotech