DLL Injection
DioProcess provides 7 different DLL injection methods, each with unique characteristics and evasion capabilities.
Security Research Only
Available Methods
Each method is implemented in its own file under crates/misc/src/injection/
1. LoadLibrary
ClassicThe classic injection method using CreateRemoteThread + WriteProcessMemory + LoadLibraryW.
loadlibrary.rsFunction:
inject_dll()2. Thread Hijack
StealthySuspend an existing thread, alter its RIP/PC to point to shellcode, then resume. No new thread creation required.
thread_hijack.rsFunction:
inject_dll_thread_hijack()3. APC Queue
Alertable WaitQueue an APC (Asynchronous Procedure Call) with LoadLibraryW on all threads. Fires when a thread enters an alertable wait state.
apc_queue.rsFunction:
inject_dll_apc_queue()4. EarlyBird
Guaranteed ExecutionCreate a suspended remote thread, queue an APC before the thread runs. APC fires during LdrInitializeThunk, guaranteeing execution.
earlybird.rsFunction:
inject_dll_earlybird()5. Remote Mapping
No VirtualAllocExUse CreateFileMappingW + MapViewOfFile locally, then NtMapViewOfSection remotely. Avoids VirtualAllocEx/WriteProcessMemory entirely.
remote_mapping.rsFunction:
inject_dll_remote_mapping()6. Function Stomping
No New MemoryOverwrite a sacrificial function (default: setupapi.dll!SetupScanFileQueueA) in the remote process with LoadLibraryW shellcode. Avoids new executable memory allocation.
function_stomping.rsFunction:
inject_dll_function_stomping()7. Manual Mapping
AdvancedFull PE parsing, section mapping, import resolution, per-section memory protections,FlushInstructionCache, and call DllMain. No LoadLibrary call — DLL won't appear in module lists.
manual_map.rsFunction:
inject_dll_manual_map()- • PE header parsing (DOS → NT → Section Headers)
- • Section-by-section memory mapping
- • Import resolution with LoadLibraryA fallback
- • Per-section protections (PAGE_EXECUTE_READ for .text, PAGE_READWRITE for .data)
- • Base relocation processing
Usage
Access DLL injection via the UI:
- Right-click on a process in the Process tab
- Navigate to Miscellaneous → DLL Injection
- Select the injection method
- Browse for the DLL file to inject
- Click Inject
Method Comparison
| Method | New Thread | VirtualAllocEx | In Module List |
|---|---|---|---|
| LoadLibrary | Yes | Yes | Yes |
| Thread Hijack | No | Yes | Yes |
| APC Queue | No | Yes | Yes |
| EarlyBird | Yes | Yes | Yes |
| Remote Mapping | Yes | No | Yes |
| Function Stomping | Yes | No | Yes |
| Manual Mapping | Yes | Yes | No |