Tool Release: A Simple DLL Injection Utility

This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity.

A Simple DLL Injection Utility

29 Oct 2014 – Nicolas Guigo

NCLoader is a simple command-line DLL injection tool for windows. It takes a PID or process name as parameter and accounts for systems with a high number of running processes. Being single-featured, the utility aims for simplicity with its single C code file implementing the well known VirtualAllocEx+WriteProcessMemory+CreateRemoteThread method. The code aims for cleanliness (no warnings compilation on MSVC), readability and includes verbose error checking. Statically compiled binaries for x86 and x64 architectures are provided.

Check out the ncloader repository.