Added Invoke-ReflectivePEInjection

Another awesome addition from Joe Bialek. Invoke-ReflectivePEInjection is a vast improvement over Invoke-ReflectiveDllInjection. It adds the following features: * Now supports loading exe files in memory * Supports reflective dll injection into a remote process * Additional sample Visual Studio solutions
author: Matt Graeber <mattgraeber@gmail.com> 2013-05-31 19:35:26 -0400
committer: Matt Graeber <mattgraeber@gmail.com> 2013-05-31 19:35:26 -0400
commit: dfec277813bfbc956dcac45345a9158093d68343 (patch)
tree: f205c4c4d6e81f33ace8086bbf63881ffc12dd51 /CodeExecution/Invoke-ReflectivePEInjection_Resources
parent: 6e5338c8a34ade0ec0a4704031109fb5187620f8 (diff)
download: PowerSploit-dfec277813bfbc956dcac45345a9158093d68343.tar.gz
PowerSploit-dfec277813bfbc956dcac45345a9158093d68343.zip
50 files changed, 1798 insertions, 0 deletions
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL.sln b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL.sln
new file mode 100644
index 0000000..55267b4
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL.sln
@@ -0,0 +1,26 @@
+
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual Studio 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DemoDLL", "DemoDLL\DemoDLL.vcxproj", "{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Debug|Win32.ActiveCfg = Debug|Win32
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Debug|Win32.Build.0 = Debug|Win32
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Debug|x64.ActiveCfg = Debug|x64
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Debug|x64.Build.0 = Debug|x64
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Release|Win32.ActiveCfg = Release|Win32
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Release|Win32.Build.0 = Release|Win32
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Release|x64.ActiveCfg = Release|x64
+		{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.cpp
new file mode 100644
index 0000000..61380d3
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.cpp
@@ -0,0 +1,60 @@
+// DemoDLL.cpp : Defines the exported functions for the DLL application.
+//
+
+#include "stdafx.h"
+#include "DemoDLL.h"
+
+using namespace std;
+
+
+extern "C" __declspec( dllexport ) char* StringFunc()
+{
+	ostream *outputStream = NULL;
+
+	//If you want to output to cout, simply set outputStream to &cout. This allows you to write a program that can switch between outputting to string or to cout.
+	//outputStream = &cout;
+
+	ostringstream *stringStream = new ostringstream();
+	outputStream = stringStream;
+	
+	(*outputStream) << "String DLL function is working" << endl << endl;
+
+	string output = (*stringStream).str();
+	const char* outputStr = output.c_str();
+
+	char* out = new char[output.size()+1];
+	strcpy(out, outputStr);
+	out[output.size()] = '\0';
+
+
+	return out;
+}
+
+extern "C" __declspec( dllexport ) void VoidFunc()
+{
+	printf("Void DLL function is working, using printf to display. You will only see this if you run locally.\n\n");
+	return;
+}
+
+extern "C" __declspec( dllexport ) wchar_t* WStringFunc()
+{
+	wostream *outputStream = NULL;
+
+	//If you want to output to wcout, simply set outputStream to &cout. This allows you to write a program that can switch between outputting to wstring or to wcout.
+	outputStream = &wcout;
+
+	wostringstream *stringStream = new wostringstream();
+	outputStream = stringStream;
+	
+	(*outputStream) << L"WString DLL function is working" << endl << endl;
+
+	wstring output = (*stringStream).str();
+	const wchar_t* outputStr = output.c_str();
+
+	wchar_t* out = new wchar_t[output.size()+1];
+	wcscpy(out, outputStr);
+	out[output.size()] = '\0';
+
+
+	return out;
+}
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.h
new file mode 100644
index 0000000..2cb11a0
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.h
@@ -0,0 +1,17 @@
+// The following ifdef block is the standard way of creating macros which make exporting 
+// from a DLL simpler. All files within this DLL are compiled with the DEMODLL_EXPORTS
+// symbol defined on the command line. This symbol should not be defined on any project
+// that uses this DLL. This way any other project whose source files include this file see 
+// DEMODLL_API functions as being imported from a DLL, whereas this DLL sees symbols
+// defined with this macro as being exported.
+#ifdef DEMODLL_EXPORTS
+#define DEMODLL_API __declspec(dllexport)
+#else
+#define DEMODLL_API __declspec(dllimport)
+#endif
+
+using namespace std;
+
+extern "C" __declspec( dllexport ) char* StringFunc();
+extern "C" __declspec( dllexport ) void VoidFunc();
+extern "C" __declspec( dllexport ) wchar_t* WStringFunc();
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj
new file mode 100644
index 0000000..788891f
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj
@@ -0,0 +1,167 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{F4F1D8EF-4069-40F3-9AAB-F75BAD26CBBA}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>DemoDLL</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;DEMODLL_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;DEMODLL_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;DEMODLL_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;DEMODLL_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <None Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="DemoDLL.h" />
+    <ClInclude Include="stdafx.h" />
+    <ClInclude Include="targetver.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="DemoDLL.cpp" />
+    <ClCompile Include="dllmain.cpp">
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">false</CompileAsManaged>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">false</CompileAsManaged>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</CompileAsManaged>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</CompileAsManaged>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+    <ClCompile Include="stdafx.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj.filters b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj.filters
new file mode 100644
index 0000000..40f585c
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/DemoDLL.vcxproj.filters
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="targetver.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="DemoDLL.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="stdafx.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="DemoDLL.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="dllmain.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/ReadMe.txt b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/ReadMe.txt
new file mode 100644
index 0000000..0edff7b
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/ReadMe.txt
@@ -0,0 +1,40 @@
+========================================================================
+    DYNAMIC LINK LIBRARY : DemoDLL Project Overview
+========================================================================
+
+AppWizard has created this DemoDLL DLL for you.
+
+This file contains a summary of what you will find in each of the files that
+make up your DemoDLL application.
+
+
+DemoDLL.vcxproj
+    This is the main project file for VC++ projects generated using an Application Wizard.
+    It contains information about the version of Visual C++ that generated the file, and
+    information about the platforms, configurations, and project features selected with the
+    Application Wizard.
+
+DemoDLL.vcxproj.filters
+    This is the filters file for VC++ projects generated using an Application Wizard. 
+    It contains information about the association between the files in your project 
+    and the filters. This association is used in the IDE to show grouping of files with
+    similar extensions under a specific node (for e.g. ".cpp" files are associated with the
+    "Source Files" filter).
+
+DemoDLL.cpp
+    This is the main DLL source file.
+
+/////////////////////////////////////////////////////////////////////////////
+Other standard files:
+
+StdAfx.h, StdAfx.cpp
+    These files are used to build a precompiled header (PCH) file
+    named DemoDLL.pch and a precompiled types file named StdAfx.obj.
+
+/////////////////////////////////////////////////////////////////////////////
+Other notes:
+
+AppWizard uses "TODO:" comments to indicate parts of the source code you
+should add to or customize.
+
+/////////////////////////////////////////////////////////////////////////////
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/dllmain.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/dllmain.cpp
new file mode 100644
index 0000000..69b5891
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/dllmain.cpp
@@ -0,0 +1,19 @@
+// dllmain.cpp : Defines the entry point for the DLL application.
+#include "stdafx.h"
+
+BOOL APIENTRY DllMain( HMODULE hModule,
+                       DWORD  ul_reason_for_call,
+                       LPVOID lpReserved
+					 )
+{
+	switch (ul_reason_for_call)
+	{
+	case DLL_PROCESS_ATTACH:
+	case DLL_THREAD_ATTACH:
+	case DLL_THREAD_DETACH:
+	case DLL_PROCESS_DETACH:
+		break;
+	}
+	return TRUE;
+}
+
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.cpp
new file mode 100644
index 0000000..f18a679
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.cpp
@@ -0,0 +1,8 @@
+// stdafx.cpp : source file that includes just the standard includes
+// DemoDLL.pch will be the pre-compiled header
+// stdafx.obj will contain the pre-compiled type information
+
+#include "stdafx.h"
+
+// TODO: reference any additional headers you need in STDAFX.H
+// and not in this file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.h
new file mode 100644
index 0000000..a67fe85
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/stdafx.h
@@ -0,0 +1,20 @@
+// stdafx.h : include file for standard system include files,
+// or project specific include files that are used frequently, but
+// are changed infrequently
+//
+
+#pragma once
+
+#include "targetver.h"
+
+#define WIN32_LEAN_AND_MEAN             // Exclude rarely-used stuff from Windows headers
+// Windows Header Files:
+#include <windows.h>
+#include <string>
+#include <ostream>
+#include <sstream>
+#include <iostream>
+
+
+
+// TODO: reference additional headers your program requires here
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/targetver.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/targetver.h
new file mode 100644
index 0000000..87c0086
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL/DemoDLL/targetver.h
@@ -0,0 +1,8 @@
+#pragma once
+
+// Including SDKDDKVer.h defines the highest available Windows platform.
+
+// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
+// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
+
+#include <SDKDDKVer.h>
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.sln b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.sln
new file mode 100644
index 0000000..d05acff
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.sln
@@ -0,0 +1,26 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DemoDLL_RemoteProcess", "DemoDLL_RemoteProcess\DemoDLL_RemoteProcess.vcxproj", "{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Debug|Win32.Build.0 = Debug|Win32
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Debug|x64.ActiveCfg = Debug|x64
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Debug|x64.Build.0 = Debug|x64
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Release|Win32.ActiveCfg = Release|Win32
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Release|Win32.Build.0 = Release|Win32
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Release|x64.ActiveCfg = Release|x64
+		{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.cpp
new file mode 100644
index 0000000..6ce31c6
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.cpp
@@ -0,0 +1,19 @@
+// DemoDLL_RemoteProcess.cpp : Defines the exported functions for the DLL application.
+//
+
+#include "stdafx.h"
+
+using namespace std;
+
+extern "C" __declspec( dllexport ) void VoidFunc();
+
+
+extern "C" __declspec( dllexport ) void VoidFunc()
+{
+	ofstream myfile;
+	_mkdir("c:\\ReflectiveLoaderTest");
+	myfile.open ("c:\\ReflectiveLoaderTest\\DllVoidFunction.txt");
+	myfile << "Dll Void function successfully called.\n";
+	myfile.close();
+	return;
+}
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj
new file mode 100644
index 0000000..d151ba5
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{3C031A7E-A99B-465E-ADF0-1350A94F1F5D}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>DemoDLL_RemoteProcess</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;DEMODLL_REMOTEPROCESS_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;DEMODLL_REMOTEPROCESS_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;DEMODLL_REMOTEPROCESS_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;DEMODLL_REMOTEPROCESS_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Windows</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h" />
+    <ClInclude Include="targetver.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="DemoDLL_RemoteProcess.cpp" />
+    <ClCompile Include="dllmain.cpp">
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">false</CompileAsManaged>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">false</CompileAsManaged>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</CompileAsManaged>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</CompileAsManaged>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+    </ClCompile>
+    <ClCompile Include="stdafx.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj.filters b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj.filters
new file mode 100644
index 0000000..b454b33
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess.vcxproj.filters
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="targetver.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="stdafx.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="DemoDLL_RemoteProcess.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="dllmain.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/ReadMe.txt b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/ReadMe.txt
new file mode 100644
index 0000000..3aa356f
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/ReadMe.txt
@@ -0,0 +1,48 @@
+========================================================================
+    DYNAMIC LINK LIBRARY : DemoDLL_RemoteProcess Project Overview
+========================================================================
+
+AppWizard has created this DemoDLL_RemoteProcess DLL for you.
+
+This file contains a summary of what you will find in each of the files that
+make up your DemoDLL_RemoteProcess application.
+
+
+DemoDLL_RemoteProcess.vcxproj
+    This is the main project file for VC++ projects generated using an Application Wizard.
+    It contains information about the version of Visual C++ that generated the file, and
+    information about the platforms, configurations, and project features selected with the
+    Application Wizard.
+
+DemoDLL_RemoteProcess.vcxproj.filters
+    This is the filters file for VC++ projects generated using an Application Wizard. 
+    It contains information about the association between the files in your project 
+    and the filters. This association is used in the IDE to show grouping of files with
+    similar extensions under a specific node (for e.g. ".cpp" files are associated with the
+    "Source Files" filter).
+
+DemoDLL_RemoteProcess.cpp
+    This is the main DLL source file.
+
+	When created, this DLL does not export any symbols. As a result, it
+	will not produce a .lib file when it is built. If you wish this project
+	to be a project dependency of some other project, you will either need to
+	add code to export some symbols from the DLL so that an export library
+	will be produced, or you can set the Ignore Input Library property to Yes
+	on the General propert page of the Linker folder in the project's Property
+	Pages dialog box.
+
+/////////////////////////////////////////////////////////////////////////////
+Other standard files:
+
+StdAfx.h, StdAfx.cpp
+    These files are used to build a precompiled header (PCH) file
+    named DemoDLL_RemoteProcess.pch and a precompiled types file named StdAfx.obj.
+
+/////////////////////////////////////////////////////////////////////////////
+Other notes:
+
+AppWizard uses "TODO:" comments to indicate parts of the source code you
+should add to or customize.
+
+/////////////////////////////////////////////////////////////////////////////
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/dllmain.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/dllmain.cpp
new file mode 100644
index 0000000..7cab1a2
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/dllmain.cpp
@@ -0,0 +1,28 @@
+// dllmain.cpp : Defines the entry point for the DLL application.
+#include "stdafx.h"
+
+using namespace std;
+
+BOOL APIENTRY DllMain( HMODULE hModule,
+                       DWORD  ul_reason_for_call,
+                       LPVOID lpReserved
+					 )
+{
+	ofstream myfile;
+
+	switch (ul_reason_for_call)
+	{
+	case DLL_PROCESS_ATTACH:
+			_mkdir("c:\\ReflectiveLoaderTest");
+			myfile.open ("c:\\ReflectiveLoaderTest\\DllMain.txt");
+			myfile << "DllMain successfully called.\n";
+			myfile.close();
+		break;
+	case DLL_THREAD_ATTACH:
+	case DLL_THREAD_DETACH:
+	case DLL_PROCESS_DETACH:
+		break;
+	}
+	return TRUE;
+}
+
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.cpp
new file mode 100644
index 0000000..356b70b
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.cpp
@@ -0,0 +1,8 @@
+// stdafx.cpp : source file that includes just the standard includes
+// DemoDLL_RemoteProcess.pch will be the pre-compiled header
+// stdafx.obj will contain the pre-compiled type information
+
+#include "stdafx.h"
+
+// TODO: reference any additional headers you need in STDAFX.H
+// and not in this file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.h
new file mode 100644
index 0000000..1b77181
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/stdafx.h
@@ -0,0 +1,19 @@
+// stdafx.h : include file for standard system include files,
+// or project specific include files that are used frequently, but
+// are changed infrequently
+//
+
+#pragma once
+
+#include "targetver.h"
+
+#define WIN32_LEAN_AND_MEAN             // Exclude rarely-used stuff from Windows headers
+// Windows Header Files:
+#include <windows.h>
+#include <iostream>
+#include <fstream>
+#include <string.h>
+#include <direct.h>
+
+
+// TODO: reference additional headers your program requires here
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/targetver.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/targetver.h
new file mode 100644
index 0000000..87c0086
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoDLL_RemoteProcess/DemoDLL_RemoteProcess/targetver.h
@@ -0,0 +1,8 @@
+#pragma once
+
+// Including SDKDDKVer.h defines the highest available Windows platform.
+
+// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
+// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
+
+#include <SDKDDKVer.h>
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe.sln b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe.sln
new file mode 100644
index 0000000..891727b
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe.sln
@@ -0,0 +1,36 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DemoExe_MD", "DemoExe_MD\DemoExe_MD.vcxproj", "{F674A5CE-F75F-4035-90AB-46DEBC670282}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DemoExe_MDd", "DemoExe_MDd\DemoExe_MDd.vcxproj", "{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Debug|Win32.ActiveCfg = Debug|Win32
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Debug|Win32.Build.0 = Debug|Win32
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Debug|x64.ActiveCfg = Debug|x64
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Debug|x64.Build.0 = Debug|x64
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Release|Win32.ActiveCfg = Release|Win32
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Release|Win32.Build.0 = Release|Win32
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Release|x64.ActiveCfg = Release|x64
+		{F674A5CE-F75F-4035-90AB-46DEBC670282}.Release|x64.Build.0 = Release|x64
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Debug|Win32.ActiveCfg = Debug|Win32
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Debug|Win32.Build.0 = Debug|Win32
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Debug|x64.ActiveCfg = Debug|x64
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Debug|x64.Build.0 = Debug|x64
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Release|Win32.ActiveCfg = Release|Win32
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Release|Win32.Build.0 = Release|Win32
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Release|x64.ActiveCfg = Release|x64
+		{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.cpp
new file mode 100644
index 0000000..364340b
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.cpp
@@ -0,0 +1,26 @@
+// DemoExe.cpp : Defines the entry point for the console application.
+//
+
+#include "stdafx.h"
+#include <iostream>
+
+using namespace std;
+
+int _tmain(int argc, _TCHAR* argv[])
+{
+	printf("Exe loaded! Printing argc and argv\n\n");
+
+	printf("Argc: %d\n", argc);
+	printf("ArgvAddress: %d\n", argv);
+	
+	for (int i = 0; i < argc; i++)
+	{
+		wprintf(L"Argv: %s\n", argv[i]);
+	}
+
+	printf("Exiting exe\n");
+
+	return 0;
+}
+
+
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj
new file mode 100644
index 0000000..bdf3fe0
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj
@@ -0,0 +1,162 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{F674A5CE-F75F-4035-90AB-46DEBC670282}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>DemoExe_MD</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+      <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h" />
+    <ClInclude Include="targetver.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="DemoExe_MD.cpp" />
+    <ClCompile Include="stdafx.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj.filters b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj.filters
new file mode 100644
index 0000000..2048201
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/DemoExe_MD.vcxproj.filters
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="targetver.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="stdafx.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="DemoExe_MD.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/ReadMe.txt b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/ReadMe.txt
new file mode 100644
index 0000000..0259e3e
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/ReadMe.txt
@@ -0,0 +1,40 @@
+========================================================================
+    CONSOLE APPLICATION : DemoExe_MD Project Overview
+========================================================================
+
+AppWizard has created this DemoExe_MD application for you.
+
+This file contains a summary of what you will find in each of the files that
+make up your DemoExe_MD application.
+
+
+DemoExe_MD.vcxproj
+    This is the main project file for VC++ projects generated using an Application Wizard.
+    It contains information about the version of Visual C++ that generated the file, and
+    information about the platforms, configurations, and project features selected with the
+    Application Wizard.
+
+DemoExe_MD.vcxproj.filters
+    This is the filters file for VC++ projects generated using an Application Wizard. 
+    It contains information about the association between the files in your project 
+    and the filters. This association is used in the IDE to show grouping of files with
+    similar extensions under a specific node (for e.g. ".cpp" files are associated with the
+    "Source Files" filter).
+
+DemoExe_MD.cpp
+    This is the main application source file.
+
+/////////////////////////////////////////////////////////////////////////////
+Other standard files:
+
+StdAfx.h, StdAfx.cpp
+    These files are used to build a precompiled header (PCH) file
+    named DemoExe_MD.pch and a precompiled types file named StdAfx.obj.
+
+/////////////////////////////////////////////////////////////////////////////
+Other notes:
+
+AppWizard uses "TODO:" comments to indicate parts of the source code you
+should add to or customize.
+
+/////////////////////////////////////////////////////////////////////////////
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.cpp
new file mode 100644
index 0000000..487dd86
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.cpp
@@ -0,0 +1,8 @@
+// stdafx.cpp : source file that includes just the standard includes
+// DemoExe_MD.pch will be the pre-compiled header
+// stdafx.obj will contain the pre-compiled type information
+
+#include "stdafx.h"
+
+// TODO: reference any additional headers you need in STDAFX.H
+// and not in this file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.h
new file mode 100644
index 0000000..b005a83
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/stdafx.h
@@ -0,0 +1,15 @@
+// stdafx.h : include file for standard system include files,
+// or project specific include files that are used frequently, but
+// are changed infrequently
+//
+
+#pragma once
+
+#include "targetver.h"
+
+#include <stdio.h>
+#include <tchar.h>
+
+
+
+// TODO: reference additional headers your program requires here
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/targetver.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/targetver.h
new file mode 100644
index 0000000..87c0086
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MD/targetver.h
@@ -0,0 +1,8 @@
+#pragma once
+
+// Including SDKDDKVer.h defines the highest available Windows platform.
+
+// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
+// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
+
+#include <SDKDDKVer.h>
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.cpp
new file mode 100644
index 0000000..364340b
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.cpp
@@ -0,0 +1,26 @@
+// DemoExe.cpp : Defines the entry point for the console application.
+//
+
+#include "stdafx.h"
+#include <iostream>
+
+using namespace std;
+
+int _tmain(int argc, _TCHAR* argv[])
+{
+	printf("Exe loaded! Printing argc and argv\n\n");
+
+	printf("Argc: %d\n", argc);
+	printf("ArgvAddress: %d\n", argv);
+	
+	for (int i = 0; i < argc; i++)
+	{
+		wprintf(L"Argv: %s\n", argv[i]);
+	}
+
+	printf("Exiting exe\n");
+
+	return 0;
+}
+
+
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj
new file mode 100644
index 0000000..1343ba7
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj
@@ -0,0 +1,160 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{18FA8A49-4663-4FD8-9F0B-BD489A385A7B}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>DemoExe_MDd</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h" />
+    <ClInclude Include="targetver.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="DemoExe_MDd.cpp" />
+    <ClCompile Include="stdafx.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj.filters b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj.filters
new file mode 100644
index 0000000..c376aad
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/DemoExe_MDd.vcxproj.filters
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="targetver.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="stdafx.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="DemoExe_MDd.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/ReadMe.txt b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/ReadMe.txt
new file mode 100644
index 0000000..63eddea
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/ReadMe.txt
@@ -0,0 +1,40 @@
+========================================================================
+    CONSOLE APPLICATION : DemoExe_MDd Project Overview
+========================================================================
+
+AppWizard has created this DemoExe_MDd application for you.
+
+This file contains a summary of what you will find in each of the files that
+make up your DemoExe_MDd application.
+
+
+DemoExe_MDd.vcxproj
+    This is the main project file for VC++ projects generated using an Application Wizard.
+    It contains information about the version of Visual C++ that generated the file, and
+    information about the platforms, configurations, and project features selected with the
+    Application Wizard.
+
+DemoExe_MDd.vcxproj.filters
+    This is the filters file for VC++ projects generated using an Application Wizard. 
+    It contains information about the association between the files in your project 
+    and the filters. This association is used in the IDE to show grouping of files with
+    similar extensions under a specific node (for e.g. ".cpp" files are associated with the
+    "Source Files" filter).
+
+DemoExe_MDd.cpp
+    This is the main application source file.
+
+/////////////////////////////////////////////////////////////////////////////
+Other standard files:
+
+StdAfx.h, StdAfx.cpp
+    These files are used to build a precompiled header (PCH) file
+    named DemoExe_MDd.pch and a precompiled types file named StdAfx.obj.
+
+/////////////////////////////////////////////////////////////////////////////
+Other notes:
+
+AppWizard uses "TODO:" comments to indicate parts of the source code you
+should add to or customize.
+
+/////////////////////////////////////////////////////////////////////////////
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.cpp
new file mode 100644
index 0000000..bd57b62
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.cpp
@@ -0,0 +1,8 @@
+// stdafx.cpp : source file that includes just the standard includes
+// DemoExe_MDd.pch will be the pre-compiled header
+// stdafx.obj will contain the pre-compiled type information
+
+#include "stdafx.h"
+
+// TODO: reference any additional headers you need in STDAFX.H
+// and not in this file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.h
new file mode 100644
index 0000000..b005a83
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/stdafx.h
@@ -0,0 +1,15 @@
+// stdafx.h : include file for standard system include files,
+// or project specific include files that are used frequently, but
+// are changed infrequently
+//
+
+#pragma once
+
+#include "targetver.h"
+
+#include <stdio.h>
+#include <tchar.h>
+
+
+
+// TODO: reference additional headers your program requires here
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/targetver.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/targetver.h
new file mode 100644
index 0000000..87c0086
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/DemoExe/DemoExe_MDd/targetver.h
@@ -0,0 +1,8 @@
+#pragma once
+
+// Including SDKDDKVer.h defines the highest available Windows platform.
+
+// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
+// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
+
+#include <SDKDDKVer.h>
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo.sln b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo.sln
new file mode 100644
index 0000000..864683a
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo.sln
@@ -0,0 +1,20 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ExeToInjectInTo", "ExeToInjectInTo\ExeToInjectInTo.vcxproj", "{B9FD99EA-9BD2-4A39-A367-C16B680B41F3}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{B9FD99EA-9BD2-4A39-A367-C16B680B41F3}.Debug|Win32.ActiveCfg = Debug|Win32
+		{B9FD99EA-9BD2-4A39-A367-C16B680B41F3}.Debug|Win32.Build.0 = Debug|Win32
+		{B9FD99EA-9BD2-4A39-A367-C16B680B41F3}.Release|Win32.ActiveCfg = Release|Win32
+		{B9FD99EA-9BD2-4A39-A367-C16B680B41F3}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.cpp
new file mode 100644
index 0000000..c19541b
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.cpp
@@ -0,0 +1,16 @@
+// ExeToInjectInTo.cpp : Defines the entry point for the console application.
+//
+
+#include "stdafx.h"
+#include <stdio.h>
+
+using namespace std;
+
+int _tmain(int argc, _TCHAR* argv[])
+{
+	printf("Press enter to close.\n");
+	getchar();
+	
+	return 0;
+}
+
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj
new file mode 100644
index 0000000..dd3e57d
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj
@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{B9FD99EA-9BD2-4A39-A367-C16B680B41F3}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>ExeToInjectInTo</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v110</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <SDLCheck>true</SDLCheck>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h" />
+    <ClInclude Include="targetver.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="ExeToInjectInTo.cpp" />
+    <ClCompile Include="stdafx.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
+    </ClCompile>
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj.filters b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj.filters
new file mode 100644
index 0000000..3ec31be
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ExeToInjectInTo.vcxproj.filters
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <Text Include="ReadMe.txt" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="stdafx.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="targetver.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="stdafx.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="ExeToInjectInTo.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ReadMe.txt b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ReadMe.txt
new file mode 100644
index 0000000..3697163
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/ReadMe.txt
@@ -0,0 +1,40 @@
+========================================================================
+    CONSOLE APPLICATION : ExeToInjectInTo Project Overview
+========================================================================
+
+AppWizard has created this ExeToInjectInTo application for you.
+
+This file contains a summary of what you will find in each of the files that
+make up your ExeToInjectInTo application.
+
+
+ExeToInjectInTo.vcxproj
+    This is the main project file for VC++ projects generated using an Application Wizard.
+    It contains information about the version of Visual C++ that generated the file, and
+    information about the platforms, configurations, and project features selected with the
+    Application Wizard.
+
+ExeToInjectInTo.vcxproj.filters
+    This is the filters file for VC++ projects generated using an Application Wizard. 
+    It contains information about the association between the files in your project 
+    and the filters. This association is used in the IDE to show grouping of files with
+    similar extensions under a specific node (for e.g. ".cpp" files are associated with the
+    "Source Files" filter).
+
+ExeToInjectInTo.cpp
+    This is the main application source file.
+
+/////////////////////////////////////////////////////////////////////////////
+Other standard files:
+
+StdAfx.h, StdAfx.cpp
+    These files are used to build a precompiled header (PCH) file
+    named ExeToInjectInTo.pch and a precompiled types file named StdAfx.obj.
+
+/////////////////////////////////////////////////////////////////////////////
+Other notes:
+
+AppWizard uses "TODO:" comments to indicate parts of the source code you
+should add to or customize.
+
+/////////////////////////////////////////////////////////////////////////////
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.cpp b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.cpp
new file mode 100644
index 0000000..20978bb
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.cpp
@@ -0,0 +1,8 @@
+// stdafx.cpp : source file that includes just the standard includes
+// ExeToInjectInTo.pch will be the pre-compiled header
+// stdafx.obj will contain the pre-compiled type information
+
+#include "stdafx.h"
+
+// TODO: reference any additional headers you need in STDAFX.H
+// and not in this file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.h
new file mode 100644
index 0000000..b005a83
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/stdafx.h
@@ -0,0 +1,15 @@
+// stdafx.h : include file for standard system include files,
+// or project specific include files that are used frequently, but
+// are changed infrequently
+//
+
+#pragma once
+
+#include "targetver.h"
+
+#include <stdio.h>
+#include <tchar.h>
+
+
+
+// TODO: reference additional headers your program requires here
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/targetver.h b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/targetver.h
new file mode 100644
index 0000000..87c0086
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/ExeToInjectInTo/ExeToInjectInTo/targetver.h
@@ -0,0 +1,8 @@
+#pragma once
+
+// Including SDKDDKVer.h defines the highest available Windows platform.
+
+// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
+// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
+
+#include <SDKDDKVer.h>
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt
new file mode 100644
index 0000000..1454ca8
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/readme.txt
@@ -0,0 +1,12 @@
+This contains the assembly code I used to build the shellcode the PowerShell script uses. Some of the assembly isn't included beause I didn't save it, this should just be for the SUPER easy stuff like moving an address to EAX and returning.
+
+Compile:
+x64:
+nasm -f elf64 FileName.asm
+ld -o FileName FileName.o
+objdump -M intel -d FileName
+
+x86:
+nasm FileName.asm
+ld -o FileName FileName.o
+objdump -M intel -d FileName
+\ No newline at end of file
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/CallDllMain.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/CallDllMain.asm
new file mode 100644
index 0000000..02d6848
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/CallDllMain.asm
@@ -0,0 +1,20 @@
+[SECTION .text]
+global _start
+
+_start:
+	; Get stack setup
+	push rbx
+	mov rbx, rsp
+	and sp, 0xff00
+	
+	; Call DllMain
+	mov rcx, 0x4141414141414141	; DLLHandle, set by PowerShell
+	mov rdx, 0x1			; PROCESS_ATTACH
+	mov r8, 0x0			; NULL
+	mov rax, 0x4141414141414141	; Address of DllMain, set by PS
+	call rax
+
+	; Fix stack
+	mov rsp, rbx
+	pop rbx
+	ret
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm
new file mode 100644
index 0000000..d16cbc9
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/ExitThread.asm
@@ -0,0 +1,14 @@
+[SECTION .text]
+
+global _start
+
+_start:
+	; Set a var to 1, let PS known exe is exiting
+	mov rbx, 0x4141414141414141
+	mov [rbx], byte 0x01
+
+	; Call exitthread instead of exitprocess
+	sub rsp, 0xc0
+	and sp, 0xFFf0 ; Needed for stack alignment
+	mov rbx, 0x4141414141414141
+	call rbx
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/GetFuncAddress.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/GetFuncAddress.asm
new file mode 100644
index 0000000..edeffd6
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/GetFuncAddress.asm
@@ -0,0 +1,27 @@
+[SECTION .text]
+
+global _start
+
+_start:
+	; Save state of rbx and stack
+	push rbx
+	mov rbx, rsp
+
+	; Set up stack for function call to GetProcAddress
+	sub rsp, 0x20
+	and sp, 0xffc0
+
+	; Call getprocaddress
+	mov rcx, 0x4141414141414141	; DllHandle, set by PS
+	mov rdx, 0x4141414141414141	; Ptr to FuncName string, set by PS
+	mov rax, 0x4141414141414141	; GetProcAddress address, set by PS
+	call rax
+
+	; Store the result
+	mov rcx, 0x4141414141414141	; Ptr to buffer to save result,set by PS
+	mov [rcx], rax
+
+	; Restore stack
+	mov rsp, rbx
+	pop rbx
+	ret
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm
new file mode 100644
index 0000000..7f16471
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x64/LoadLibraryA.asm
@@ -0,0 +1,23 @@
+[SECTION .text]
+
+global _start
+
+_start:
+	; Save rsp and setup stack for function call
+	push rbx
+	mov rbx, rsp
+	sub rsp, 0x20
+	and sp, 0xffc0
+
+	; Call LoadLibraryA
+	mov rcx, 0x4141414141414141	; Ptr to string of library, set by PS
+	mov rdx, 0x4141414141414141	; Address of LoadLibrary, set by PS
+	call rdx
+
+	mov rdx, 0x4141414141414141	; Ptr to save result, set by PS
+	mov [rdx], rax
+
+	; Fix stack
+	mov rsp, rbx
+	pop rbx
+	ret
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/CallDllMain.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/CallDllMain.asm
new file mode 100644
index 0000000..41b1034
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/CallDllMain.asm
@@ -0,0 +1,23 @@
+[SECTION .text]
+global _start
+
+_start:
+	; Get stack setup
+	push ebx
+	mov ebx, esp
+	and esp, 0xfffffff0
+	
+	; Call DllMain
+	mov ecx, 0x41414141		; DLLHandle, set by PowerShell
+	mov edx, 0x1			; PROCESS_ATTACH
+	mov eax, 0x0			; NULL
+	push eax
+	push edx
+	push ecx
+	mov eax, 0x41414141		; Address of DllMain, set by PS
+	call eax
+
+	; Fix stack
+	mov esp, ebx
+	pop ebx
+	ret
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/ExitThread.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/ExitThread.asm
new file mode 100644
index 0000000..ce66543
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/ExitThread.asm
@@ -0,0 +1,13 @@
+[SECTION .text]
+global _start
+
+_start:
+	; Set a var to 1, let PS know the EXE is exiting
+	mov ebx, 0x41414141
+	mov [ebx], byte 0x01
+
+	; Call exitthread instead of exit process
+	sub esp, 0x20
+	and esp, 0xFFFFFFc0 ; Needed for stack alignment
+	mov ebx, 0x41414141
+	call ebx
diff --git a/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/GetProcAddress.asm b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/GetProcAddress.asm
new file mode 100644
index 0000000..bf2ac9e
--- /dev/null
+++ b/CodeExecution/Invoke-ReflectivePEInjection_Resources/Shellcode/x86/GetProcAddress.asm
@@ -0,0 +1,28 @@
+[SECTION .text]
+
+global _start
+
+_start:
+	; Save state of ebx and stack
+	push ebx
+	mov ebx, esp
+	
+	; Align stack
+	and esp, 0xffffffc0
+
+	; Call GetProcAddress
+	mov eax, 0x41414141	; DllHandle, supplied by PS
+	mov ecx, 0x41414141	; Function name, supplied by PS
+	push ecx
+	push eax
+	mov eax, 0x41414141	; GetProcAddress address, supplied by PS
+	call eax
+
+	; Write GetProcAddress return value to an address supplied by PS
+	mov ecx, 0x41414141	; Address supplied by PS
+	mov [ecx], eax
+
+	; Fix stack
+	mov esp, ebx
+	pop ebx
+	ret
author	Matt Graeber <mattgraeber@gmail.com>	2013-05-31 19:35:26 -0400
committer	Matt Graeber <mattgraeber@gmail.com>	2013-05-31 19:35:26 -0400
commit	dfec277813bfbc956dcac45345a9158093d68343 (patch)
tree	f205c4c4d6e81f33ace8086bbf63881ffc12dd51 /CodeExecution/Invoke-ReflectivePEInjection_Resources
parent	6e5338c8a34ade0ec0a4704031109fb5187620f8 (diff)
download	PowerSploit-dfec277813bfbc956dcac45345a9158093d68343.tar.gz PowerSploit-dfec277813bfbc956dcac45345a9158093d68343.zip