NimReflectiveLoader is a tool developed in Nim, specializing in executing DLLs entirely in memory. This project leverages Reflective DLL Loading, a technique that allows DLLs to be loaded and executed without being written to disk, thereby enhancing stealth and efficiency. It also enables the execution of specific exported functions within these DLLs.
- Reflective DLL Loading: Load and execute DLLs entirely in memory.
- Function Invocation: Capability to call exported functions from the loaded DLLs.
- Stealth Operation: Operates without leaving traces on disk.
-
Clone the repository:
git clone https://github.com/Helixo32/NimReflectiveLoader
-
Compile the source code using Nim:
- Linux
nim --os:windows --cpu:amd64 --gcc.exe:x86_64-w64-mingw32-gcc --gcc.linkerexe:x86_64-w64-mingw32-gcc c RunRemoteDll.nim
- Windows
nim c RunRemoteDll.nim
After compiling, you can load and execute DLLs in memory using the NimReflectiveLoader and also invoke specific exported functions from these DLLs. You need to change the URL and exported function on lines 445 and 446.
reflective-dll.mp4
This project is licensed under MIT License - see the LICENSE file for details.
NimReflectiveLoader - Bridging advanced DLL loading techniques with the efficiency of Nim and the flexibility of exported function invocation.