1. Arjun Sapkota
  2. SysProtection

Overview

HTTPS SSH

SysProtection

Created back in 2008.

This is a Proof of Concept of hooking executable entry point to execute custom code Code can be written in as a plugin Win32 dll.

What is the use

You have an application which you don't have source code. Using this application you can create dll that ask for the password before the application executes. so when you run the builder(tool to rewrite PE image , code inside) your application is now password protected :)

You want to show splash screen before you run any executable, Write a dll to display splash screen (eg source code is in the repo) and run the builder, your application now shows splash screen :)

Warning

  • Some antivirus may treat this as a Virus but it is not a virus at all.
  • The ideas of hooking entrypoint is what very common in virus application.
  • Dont worry at all it is a false positive.

Tech Stack

  • C++ for Building Custom PE image
  • Masm for creating bootstrap code.
  • C# for creating a builder

There are few useful cookies inside this repo.

  • VirtualPE
  • Import builder
  • Custom section adder.