1- Blackbone
2- =========
1+ # Blackbone
32
4- # Windows memory hacking library #
3+ ### Windows memory hacking library
54
6- ## Features ##
5+ ## Features
76
8- - x86 and x64 support
7+ - ** x86 and x64 support**
98
10- - ** Process interaction**
9+ ** Process interaction**
1110 - Manage PEB32/PEB64
1211 - Manage process through WOW64 barrier
1312
14- - ** Process Memory**
13+ ** Process Memory**
1514 - Allocate and free virtual memory
1615 - Change memory protection
1716 - Read/Write virtual memory
1817
19- - ** Process modules**
18+ ** Process modules**
2019 - Enumerate all (32/64 bit) modules loaded. Enumerate modules using Loader list/Section objects/PE headers methods.
2120 - Get exported function address
2221 - Get the main module
@@ -25,7 +24,7 @@ Blackbone
2524 - Inject 64bit modules into WOW64 processes
2625 - Manually map native PE images
2726
28- - ** Threads**
27+ ** Threads**
2928 - Enumerate threads
3029 - Create and terminate threads. Support for cross-session thread creation.
3130 - Get thread exit code
@@ -35,22 +34,22 @@ Blackbone
3534 - Suspend and resume threads
3635 - Set/Remove hardware breakpoints
3736
38- - ** Pattern search**
37+ ** Pattern search**
3938 - Search for arbitrary pattern in local or remote process
4039
41- - ** Remote code execution**
40+ ** Remote code execution**
4241 - Execute functions in remote process
4342 - Assemble own code and execute it remotely
4443 - Support for cdecl/stdcall/thiscall/fastcall conventions
4544 - Support for arguments passed by value, pointer or reference, including structures
4645 - FPU types are supported
4746 - Execute code in new thread or any existing one
4847
49- - ** Remote hooking**
48+ ** Remote hooking**
5049 - Hook functions in remote process using int3 or hardware breakpoints
5150 - Hook functions upon return
5251
53- - ** Manual map features**
52+ ** Manual map features**
5453 - x86 and x64 image support
5554 - Mapping into any arbitrary unprotected process
5655 - Section mapping with proper memory protection flags
@@ -71,10 +70,9 @@ Blackbone
7170 - C++/CLI images are supported
7271 - Image unloading
7372 - Increase reference counter for import libraries in case of manual import mapping
74- - Cyclic dependencies are handled properly
73+ - Cyclic dependencies are handled properly
7574
76-
77- - ** Driver features**
75+ ** Driver features**
7876- Allocate/free/protect user memory
7977- Read/write user and kernel memory
8078- Disable permanent DEP for WOW64 processes
@@ -86,4 +84,9 @@ Blackbone
8684- Manual mapping of drivers
8785
8886## License ##
89- Blackbone is licensed under the MIT License. Dependencies are under their respective licenses.
87+ Blackbone is licensed under the MIT License. Dependencies are under their respective licenses.
88+
89+ [ ![ Build status] ( https://ci.appveyor.com/api/projects/status/5lu9aw84t00ibkdo/branch/master?svg=true )] ( https://ci.appveyor.com/project/DarthTon/blackbone-q21rd/branch/master )
90+ [ ![ Build status] ( https://ci.appveyor.com/api/projects/status/5lu9aw84t00ibkdo/branch/master?svg=true )] ( https://ci.appveyor.com/project/DarthTon/blackbone-q21rd/branch/VS2017 )
91+
92+ [ ![ Build status] ( https://ci.appveyor.com/api/projects/status/5lu9aw84t00ibkdo?svg=true )] ( https://ci.appveyor.com/project/DarthTon/blackbone-q21rd )
0 commit comments