Skip to content

Neotoxic-off/Injectra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

3 Commits
.github/workflows
.github/workflows
Β 
Β 
src
src
Β 
Β 
.gitattributes
.gitattributes
Β 
Β 
.gitignore
.gitignore
Β 
Β 
CMakeLists.txt
CMakeLists.txt
Β 
Β 
Injectra.sln
Injectra.sln
Β 
Β 
Injectra.vcxproj
Injectra.vcxproj
Β 
Β 
Injectra.vcxproj.filters
Injectra.vcxproj.filters
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

Injectra

Universal Windows DLL injector. Safety-first LoadLibraryW injection with PE validation, architecture checks, already-loaded detection, eject mode, and structured colorized logs.

Built for legitimate use: debugging, modding, instrumentation, plugin loading, and security research on systems you own or are authorized to test. Do not use to bypass anti-cheat, EULAs, or to target software or systems you do not have permission to instrument.

Features

  • PE validation β€” verifies the file is a real PE, is a DLL, and detects its architecture before doing anything to the target.
  • Architecture matching β€” refuses to inject an x86 DLL into an x64 process (or vice versa) unless --force is given. ARM64 supported.
  • Already-loaded detection β€” won't double-inject the same module by name.
  • Eject mode β€” --eject <module> calls FreeLibrary remotely to cleanly unload a previously injected DLL.
  • Wait-for-process β€” --wait polls until the target appears, with optional --timeout.
  • Process listing β€” --list [filter] enumerates running processes.
  • Dry run β€” --dry-run performs every check without touching the target.
  • Structured logs β€” millisecond timestamps, level tags, ANSI colors, optional --log file.txt.
  • Privilege upgrade β€” best-effort SeDebugPrivilege when run elevated.
  • No external dependencies β€” single executable, links only Windows SDK.
  • Both x86 and x64 builds β€” match the bitness of your target.

Build

Visual Studio 2022

Open Injectra.sln and build any of: Debug|Release Γ— Win32|x64.

CMake

cmake -S . -B build
cmake --build build --config Release

Output: build/x64/Release/injectra.exe (msbuild) or build/Release/injectra.exe (cmake).

Usage

injectra --dll <path> [--proc <name> | --pid <id>] [options]
injectra --eject <module> [--proc <name> | --pid <id>] [options]
injectra --list [filter]

Common examples

# Inject by process name
injectra --dll C:\mods\my.dll --proc notepad.exe

# Wait for the process to start (max 60s), log to file
injectra --dll mod.dll --proc game.exe --wait --timeout 60 --log run.log

# Inject by PID
injectra --dll mod.dll --pid 12345

# Eject a previously-loaded DLL
injectra --eject mod.dll --pid 12345

# List Chrome processes
injectra --list chrome

# Validate without touching the target
injectra --dll mod.dll --proc notepad.exe --dry-run --verbose

All options

Flag Description
--dll <path> DLL to inject
--proc <name> Target process name
--pid <id> Target by PID
--eject <module> Free a module from the target
--list [filter] List processes (optional substring filter)
--wait Wait for the target to appear
--timeout <sec> Timeout for --wait (0 = infinite)
--dry-run Validate everything, don't inject
--force Skip safety checks (arch, already-loaded)
--verbose Debug-level logging
--quiet Errors only
--no-color Disable ANSI colors
--no-banner Hide startup banner
--log <file> Append logs to file
--pause Pause before exit (handy for double-click)
-h, --help Show help
-v, --version Show version

Exit codes

Code Meaning
0 Success
1 Injection / eject failed at runtime
2 Argument or pre-flight validation error

How it works

Standard CreateRemoteThread + LoadLibraryW injection, with extra checks:

  1. Parse and validate the DLL's PE headers from disk (DOS + NT signatures, machine type, IMAGE_FILE_DLL flag).
  2. OpenProcess with the minimum rights needed; bail if denied.
  3. IsWow64Process2 to determine the target's effective arch and refuse a mismatched DLL unless --force.
  4. EnumProcessModulesEx to detect an already-loaded module of the same base name.
  5. VirtualAllocEx a PAGE_READWRITE buffer, WriteProcessMemory the full wide-char path, then CreateRemoteThread on LoadLibraryW.
  6. Wait up to 15 seconds for the remote thread, free remote memory, report the returned HMODULE.

Eject mirrors this: locate the module in the target, then CreateRemoteThread on FreeLibrary with that handle.

Caveats

  • Some processes refuse OpenProcess even from Administrator (protected processes, anti-cheat, AV self-protection). Injectra surfaces the Win32 error code; it does not attempt evasion.
  • --force skips safety checks but cannot fix an actual arch mismatch β€” the remote LoadLibraryW will still fail.
  • Run from a console matching the target's bitness when in doubt (x64 injector for x64 targets).

License

MIT β€” see LICENSE.

About

πŸ’‰ Universal Windows DLL injector safety-first LoadLibrary injection with PE validation, x86/x64/ARM64 arch matching, eject mode, dry-run, and colorized logs

Topics

injector injector-games injector-x64

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages