Skip to content
/ get_api_address Public

A small and portable 32/64 bit C code to get windows API address without calling any API

License

Unlicense license
2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mp81ss/get_api_address

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
gaa_test.c
gaa_test.c
 
 
get_api_address.c
get_api_address.c
 
 
get_api_address.h
get_api_address.h
 
 

Repository files navigation

ARCHIVED - Moved to gitlab

This mini-library allows to retrieve API address in loaded modules without calling standard API GetProcAddress.

Usually this code is found in assembly-written malware to avoid detection and to bypass other PE-format restrictions on functions export.

This code is written in C with some extension to the standard specification and can be compiled in both 32-bit and 64-bit without modifying anything.

Actually VisualStudio and Digitalmars compiler support this code.

The code just export a single api:

FARPROC get_api_address(LPCSTR name, LPCVOID its_page, LPCVOID* found_page);

See code for technical details

All this code is released in public domain

About

A small and portable 32/64 bit C code to get windows API address without calling any API

Topics

windows api malware address win32 win64 kernel32 kernel32-dll getprocaddress

Resources

Readme

License

Unlicense license
Activity

Stars

2 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages