UnsafeNativeMethods.ps1

$systemdll = ([AppDomain]::CurrentDomain.GetAssemblies() | Where-Object { 
    $_.GlobalAssemblyCache -And $_.Location.Split('\\')[-1].Equals('System.dll') })
    
  $unsafeObj = $systemdll.GetType('Microsoft.Win32.UnsafeNativeMethods')

  $GetModuleHandle = $unsafeObj.GetMethod('GetModuleHandle')
  $GetModuleHandle.Invoke($null, @("user32.dll"))
  #$unsafeObj.GetMethods() | ForEach-Object {If($_.Name -eq "GetProcAddress") {$_}}

  $user32 = $GetModuleHandle.Invoke($null, @("user32.dll"))
  $tmp=@()
  $unsafeObj.GetMethods() | ForEach-Object {If($_.Name -eq "GetProcAddress") {$tmp+=$_}}
  $GetProcAddress = $tmp[0]
  $GetProcAddress.Invoke($null, @($user32, "MessageBoxA"))

  function LookupFunc {

	Param ($moduleName, $functionName)

	$assem = ([AppDomain]::CurrentDomain.GetAssemblies() | 
    Where-Object { $_.GlobalAssemblyCache -And $_.Location.Split('\\')[-1].
      Equals('System.dll') }).GetType('Microsoft.Win32.UnsafeNativeMethods')
    $tmp=@()
    $assem.GetMethods() | ForEach-Object {If($_.Name -eq "GetProcAddress") {$tmp+=$_}}
	return $tmp[0].Invoke($null, @(($assem.GetMethod('GetModuleHandle')).Invoke($null, @($moduleName)), $functionName))
}