Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/adamhlt/cave-finder

Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files
https://github.com/adamhlt/cave-finder

codecave cpp pe winapi windows windows-internals

Last synced: 2 months ago
JSON representation

Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files

Host: GitHub
URL: https://github.com/adamhlt/cave-finder
Owner: adamhlt
License: gpl-3.0
Created: 2022-03-14T15:58:16.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2023-08-01T21:04:35.000Z (over 1 year ago)
Last Synced: 2024-12-08T22:01:26.412Z (2 months ago)
Topics: codecave, cpp, pe, winapi, windows, windows-internals
Language: C++
Homepage:
Size: 780 KB
Stars: 60
Watchers: 2
Forks: 8
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

```
______ _______ __
/ ____/___ __ _____ / ____(_)___ ____/ /__ _____
/ / / __ `/ | / / _ \ / /_ / / __ \/ __ / _ \/ ___/
/ /___/ /_/ /| |/ / __/ / __/ / / / / / /_/ / __/ /
\____/\__,_/ |___/\___/ /_/ /_/_/ /_/\__,_/\___/_/

Tool to find code cave in PE image (x86 / x64)
Find empty space to place code in PE files
```

## :open_book: Project Overview :

This tool help to find code caves in PE images (exe, dll, ...).

Retrieved informations :

- Section whe the cave reside.
- Size of the cave.
- Start / End file offset of the cave.
- Start / End virtual address of the cave
- Permission on the cave (read / write / execute).

The program retrieve free space in the file (array of 0x0), in every sections of a PE image. With enough space, you can write a shellcode...

This project can be compiled for x86 and x64 architecture.

## :rocket: Getting Started :

### Visual Studio :

1. Open the solution file (.sln).
2. Build the project in Debug / Release (x86 / x64)

### Other IDE using CMAKE :

This **CMakeLists.txt** should compile the project.

```cmake
cmake_minimum_required(VERSION 3.0)
project(miner)

set(CMAKE_CXX_STANDARD 17)

add_executable(miner main.cpp)
```

Tested on CLion with MSVC compiler, you can get Visual Studio Build Tools [**here**](https://visualstudio.microsoft.com/fr/downloads/?q=build+tools).

## 🧪 Usage :

### How to use the program :

Use it in the command line :

```shell
miner.exe ```

### Demonstration : https://user-images.githubusercontent.com/48086737/158227625-db6beb29-da68-4d90-9438-e737bff332a7.mp4