R0m4NTAPI is intended for educational purposes only. This tool is designed to help users understand process injection techniques and NTAPI functions within a controlled, legal environment.
Do not use this tool for any malicious or unauthorized activities. The author is not responsible for any misuse of this tool. Always obtain proper authorization before using this tool on any system.
R0m4NTAPI is a shellcode injection tool that demonstrates how to inject arbitrary shellcode into a target process using native NTAPI functions. This project is designed for educational purposes, helping users understand low-level process manipulation techniques on Windows platforms.
- Process Injection: Injects shellcode into a target process using NTAPI functions.
- Memory Management: Allocates and protects memory within the target process.
- Thread Execution: Creates a remote thread in the target process to execute the injected shellcode.
- Error Handling: Includes robust error handling and logging for easier debugging and stability.
- Operating System: Windows 10 or later.
- Development Environment: Visual Studio or any C/C++ compiler supporting Windows APIs.
- Permissions: Administrator privileges may be required for injecting into certain processes.
- Clone the repository:
    git clone https://github.com/AbdouRoumi/R0m4NTAPI.git
    cd R0m4NTAPI
- Open the project in Visual Studio or compile it using your preferred C/C++ compiler.
- Build the project:
  - In Visual Studio, select Build > Build Solution.
  - Alternatively, use cl from the command line:
      cl /EHsc /Fe:R0m4NTAPI.exe R0m4NTAPI.cpp
- Run the injector with the target process ID:
    R0m4NTAPI.exe <PID>
- The injector will:
  - Open a handle to the target process.
  - Allocate memory in the target process.
  - Write the shellcode to the allocated memory.
  - Change memory protection to executable.
  - Create a remote thread in the target process to execute the shellcode.
R0m4NTAPI.exe 1234
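
The five steps the injector performs happen in a fixed order against one target process, which is what endpoint telemetry can correlate on. The following Python detector is an added example, not part of R0m4NTAPI or written by its author; the event schema (`ts`, `src_pid`, `dst_pid`, `op`), the op names, the 30-second window and every sample event other than the target PID 1234 are assumptions constructed for illustration.

```python
from collections import defaultdict

# Stage order taken from the README's step list; the op names are this example's own.
STAGES = ["open_process", "alloc", "write", "protect_exec", "create_thread"]
WINDOW_SECONDS = 30  # assumed correlation window

# Constructed sample telemetry (hypothetical normalized schema, not real sensor output).
SAMPLE_EVENTS = [
    {"ts": 100.0, "src_pid": 4321, "dst_pid": 1234, "op": "open_process"},
    {"ts": 100.1, "src_pid": 4321, "dst_pid": 1234, "op": "alloc"},
    {"ts": 100.2, "src_pid": 4321, "dst_pid": 1234, "op": "write"},
    {"ts": 100.3, "src_pid": 4321, "dst_pid": 1234, "op": "protect_exec"},
    {"ts": 100.4, "src_pid": 4321, "dst_pid": 1234, "op": "create_thread"},
    # Opens a handle and writes, but never allocates or starts a thread: no alert.
    {"ts": 200.0, "src_pid": 900, "dst_pid": 1234, "op": "open_process"},
    {"ts": 200.5, "src_pid": 900, "dst_pid": 1234, "op": "write"},
    # A process changing protection on its own memory (JIT-like): ignored.
    {"ts": 300.0, "src_pid": 777, "dst_pid": 777, "op": "protect_exec"},
]


def find_injection_chains(events, window=WINDOW_SECONDS):
    """Return (src_pid, dst_pid, start_ts, end_ts) for every completed chain."""
    progress = defaultdict(lambda: {"next": 0, "start": None})
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["src_pid"] == ev["dst_pid"]:
            continue  # only cross-process activity is of interest
        key = (ev["src_pid"], ev["dst_pid"])
        state = progress[key]
        # Drop a partial chain that did not finish inside the window.
        if state["start"] is not None and ev["ts"] - state["start"] > window:
            state["next"], state["start"] = 0, None
        if ev["op"] == STAGES[state["next"]]:
            if state["next"] == 0:
                state["start"] = ev["ts"]
            state["next"] += 1
            if state["next"] == len(STAGES):
                alerts.append((*key, state["start"], ev["ts"]))
                state["next"], state["start"] = 0, None
        elif ev["op"] == "open_process":
            state["next"], state["start"] = 1, ev["ts"]  # new handle restarts the chain
        # Any other out-of-order or repeated op leaves the chain where it is.
    return alerts


if __name__ == "__main__":
    for alert in find_injection_chains(SAMPLE_EVENTS):
        print("possible remote injection: src=%d dst=%d from %.1f to %.1f" % alert)
```

Keying the state on the (source, target) pair keeps unrelated tools that touch the same target from completing each other's chains.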