Injects shellcode to remote process

Create a notepad.exe process as host.
Load Dll into remote process by calling LoadLibaryW with a remote thread.
Get Dll AddressofEntryPoint.
Write shellcode to AddressofEntryPoint and call shellcode with CreateRemoteThread.

https://www.ired.team/offensive-security/code-injection-process-injection/modulestomping-dll-hollowing-shellcode-injection

Loads shellcode in local process.
Forrest-orr's PoC but then in C.
I added usermode capabilities where all dll's drom system32 are copied to temp folder if program is not run elevated.

https://www.forrest-orr.net/post/malicious-memory-artifacts-part-i-dll-hollowing