Skip to content

andreisss/Remote-DLL-Injection-with-Timer-based-Shellcode-Execution

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
ConsoleApplication5.cpp
ConsoleApplication5.cpp
 
 
ConsoleApplication5.exe
ConsoleApplication5.exe
 
 
Dll1.dll
Dll1.dll
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
dllmain.cpp
dllmain.cpp
 
 

Repository files navigation

Remote DLL Injection with Timer-based Shellcode Execution

Documentation updated from previous mistake proces injection title!

Educational Research Only
This repository contains security research for educational purposes and authorized use only.
Use responsibly and in accordance with all applicable laws and regulations.

Overview

Remote DLL Injection with Timer-based Shellcode Execution is a technique that leverages the Windows thread pool to execute shellcode. Using the classic DLL injection with CreateThreadpoolTimer to run shellcode in-memory using legit system threads, stealthy, and likely to slip past modern defenses

This approach introduces a stealthy execution using Timer-based Shellcode Execution

Recording 2025-07-16 1317152323

🛠️ Technical Implementation

image

🧩 Core Components

🛠 Main Injector (ConsoleApplication5.cpp)

  • Process enumeration and targeting logic
  • DLL injection using CreateRemoteThread and LoadLibraryW
  • Error handling and execution status reporting

⏲ Timer DLL (Dll1.cpp)

  • Timer-based shellcode execution implementation
  • TP_CALLBACK_ENVIRON structure setup for thread pool configuration
  • Execution of shellcode via the timer callback

About

Remote DLL Injection with Timer-based Shellcode Execution

Resources

Readme

License

GPL-3.0 license
Activity

Stars

151 stars

Watchers

1 watching

Forks

37 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages