Awesome

BOF-DLL-Inject

BOF DLL Inject is a custom Beacon Object File that uses manual map DLL injection in order to migrate a dll into a process all from memory.

Advantages

• Less likely to be signatured
• DLL payload stays in memory and never touches disk
• Additional functionality is easy to implement
• DLL isn't registered as a module including the EPROCESS structure in kernel land

Notes

To see how I developed this tool and further information on it see my blog post