x64dbg
/
TitanEngine
mirror of https://github.com/x64dbg/TitanEngine
1
0
Fork 0
Code Releases Activity

Remove unused SDKs

This commit is contained in:
Duncan Ogilvie 2022-09-09 13:44:12 +02:00
parent 160d66919e
commit 43caf023f8
8 changed files with 0 additions and 8313 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

964
SDK/CPP/TitanEngine.h
View File

@ -1,964 +0,0 @@
#ifndef TITANENGINE
#define TITANENGINE
#define TITCALL
#if _MSC_VER > 1000
#pragma once
#endif
#include <windows.h>
#pragma pack(push, 1)
// Global.Constant.Structure.Declaration:
// Engine.External:
const BYTE UE_STRUCT_PE32STRUCT = 1;
const BYTE UE_STRUCT_PE64STRUCT = 2;
const BYTE UE_STRUCT_PESTRUCT = 3;
const BYTE UE_STRUCT_IMPORTENUMDATA = 4;
const BYTE UE_STRUCT_THREAD_ITEM_DATA = 5;
const BYTE UE_STRUCT_LIBRARY_ITEM_DATA = 6;
const BYTE UE_STRUCT_LIBRARY_ITEM_DATAW = 7;
const BYTE UE_STRUCT_PROCESS_ITEM_DATA = 8;
const BYTE UE_STRUCT_HANDLERARRAY = 9;
const BYTE UE_STRUCT_PLUGININFORMATION = 10;
const BYTE UE_STRUCT_HOOK_ENTRY = 11;
const BYTE UE_STRUCT_FILE_STATUS_INFO = 12;
const BYTE UE_STRUCT_FILE_FIX_INFO = 13;
const BYTE UE_ACCESS_READ = 0;
const BYTE UE_ACCESS_WRITE = 1;
const BYTE UE_ACCESS_ALL = 2;
const BYTE UE_HIDE_PEBONLY = 0;
const BYTE UE_HIDE_BASIC = 1;
const BYTE UE_PLUGIN_CALL_REASON_PREDEBUG = 1;
const BYTE UE_PLUGIN_CALL_REASON_EXCEPTION = 2;
const BYTE UE_PLUGIN_CALL_REASON_POSTDEBUG = 3;
const BYTE UE_PLUGIN_CALL_REASON_UNHANDLEDEXCEPTION = 4;
const BYTE TEE_HOOK_NRM_JUMP = 1;
const BYTE TEE_HOOK_NRM_CALL = 3;
const BYTE TEE_HOOK_IAT = 5;
const BYTE UE_ENGINE_ALOW_MODULE_LOADING = 1;
const BYTE UE_ENGINE_AUTOFIX_FORWARDERS = 2;
const BYTE UE_ENGINE_PASS_ALL_EXCEPTIONS = 3;
const BYTE UE_ENGINE_NO_CONSOLE_WINDOW = 4;
const BYTE UE_ENGINE_BACKUP_FOR_CRITICAL_FUNCTIONS = 5;
const BYTE UE_ENGINE_CALL_PLUGIN_CALLBACK = 6;
const BYTE UE_ENGINE_RESET_CUSTOM_HANDLER = 7;
const BYTE UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK = 8;
const BYTE UE_ENGINE_SET_DEBUG_PRIVILEGE = 9;
const BYTE UE_ENGINE_SAFE_ATTACH = 10;
const BYTE UE_ENGINE_MEMBP_ALT = 11;
const BYTE UE_OPTION_REMOVEALL = 1;
const BYTE UE_OPTION_DISABLEALL = 2;
const BYTE UE_OPTION_REMOVEALLDISABLED = 3;
const BYTE UE_OPTION_REMOVEALLENABLED = 4;
const BYTE UE_STATIC_DECRYPTOR_XOR = 1;
const BYTE UE_STATIC_DECRYPTOR_SUB = 2;
const BYTE UE_STATIC_DECRYPTOR_ADD = 3;
const BYTE UE_STATIC_DECRYPTOR_FOREWARD = 1;
const BYTE UE_STATIC_DECRYPTOR_BACKWARD = 2;
const BYTE UE_STATIC_KEY_SIZE_1 = 1;
const BYTE UE_STATIC_KEY_SIZE_2 = 2;
const BYTE UE_STATIC_KEY_SIZE_4 = 4;
const BYTE UE_STATIC_KEY_SIZE_8 = 8;
const BYTE UE_STATIC_APLIB = 1;
const BYTE UE_STATIC_APLIB_DEPACK = 2;
const BYTE UE_STATIC_LZMA = 3;
const BYTE UE_STATIC_HASH_MD5 = 1;
const BYTE UE_STATIC_HASH_SHA1 = 2;
const BYTE UE_STATIC_HASH_CRC32 = 3;
const DWORD UE_RESOURCE_LANGUAGE_ANY = -1;
const BYTE UE_PE_OFFSET = 0;
const BYTE UE_IMAGEBASE = 1;
const BYTE UE_OEP = 2;
const BYTE UE_SIZEOFIMAGE = 3;
const BYTE UE_SIZEOFHEADERS = 4;
const BYTE UE_SIZEOFOPTIONALHEADER = 5;
const BYTE UE_SECTIONALIGNMENT = 6;
const BYTE UE_IMPORTTABLEADDRESS = 7;
const BYTE UE_IMPORTTABLESIZE = 8;
const BYTE UE_RESOURCETABLEADDRESS = 9;
const BYTE UE_RESOURCETABLESIZE = 10;
const BYTE UE_EXPORTTABLEADDRESS = 11;
const BYTE UE_EXPORTTABLESIZE = 12;
const BYTE UE_TLSTABLEADDRESS = 13;
const BYTE UE_TLSTABLESIZE = 14;
const BYTE UE_RELOCATIONTABLEADDRESS = 15;
const BYTE UE_RELOCATIONTABLESIZE = 16;
const BYTE UE_TIMEDATESTAMP = 17;
const BYTE UE_SECTIONNUMBER = 18;
const BYTE UE_CHECKSUM = 19;
const BYTE UE_SUBSYSTEM = 20;
const BYTE UE_CHARACTERISTICS = 21;
const BYTE UE_NUMBEROFRVAANDSIZES = 22;
const BYTE UE_BASEOFCODE = 23;
const BYTE UE_BASEOFDATA = 24;
const BYTE UE_DLLCHARACTERISTICS = 25;
//leaving some enum space here for future additions
const BYTE UE_SECTIONNAME = 40;
const BYTE UE_SECTIONVIRTUALOFFSET = 41;
const BYTE UE_SECTIONVIRTUALSIZE = 42;
const BYTE UE_SECTIONRAWOFFSET = 43;
const BYTE UE_SECTIONRAWSIZE = 44;
const BYTE UE_SECTIONFLAGS = 45;
const long UE_VANOTFOUND = -2;
const BYTE UE_CH_BREAKPOINT = 1;
const BYTE UE_CH_SINGLESTEP = 2;
const BYTE UE_CH_ACCESSVIOLATION = 3;
const BYTE UE_CH_ILLEGALINSTRUCTION = 4;
const BYTE UE_CH_NONCONTINUABLEEXCEPTION = 5;
const BYTE UE_CH_ARRAYBOUNDSEXCEPTION = 6;
const BYTE UE_CH_FLOATDENORMALOPERAND = 7;
const BYTE UE_CH_FLOATDEVIDEBYZERO = 8;
const BYTE UE_CH_INTEGERDEVIDEBYZERO = 9;
const BYTE UE_CH_INTEGEROVERFLOW = 10;
const BYTE UE_CH_PRIVILEGEDINSTRUCTION = 11;
const BYTE UE_CH_PAGEGUARD = 12;
const BYTE UE_CH_EVERYTHINGELSE = 13;
const BYTE UE_CH_CREATETHREAD = 14;
const BYTE UE_CH_EXITTHREAD = 15;
const BYTE UE_CH_CREATEPROCESS = 16;
const BYTE UE_CH_EXITPROCESS = 17;
const BYTE UE_CH_LOADDLL = 18;
const BYTE UE_CH_UNLOADDLL = 19;
const BYTE UE_CH_OUTPUTDEBUGSTRING = 20;
const BYTE UE_CH_AFTEREXCEPTIONPROCESSING = 21;
const BYTE UE_CH_SYSTEMBREAKPOINT = 23;
const BYTE UE_CH_UNHANDLEDEXCEPTION = 24;
const BYTE UE_CH_RIPEVENT = 25;
const BYTE UE_CH_DEBUGEVENT = 26;
const BYTE UE_OPTION_HANDLER_RETURN_HANDLECOUNT = 1;
const BYTE UE_OPTION_HANDLER_RETURN_ACCESS = 2;
const BYTE UE_OPTION_HANDLER_RETURN_FLAGS = 3;
const BYTE UE_OPTION_HANDLER_RETURN_TYPENAME = 4;
const BYTE UE_BREAKPOINT_INT3 = 1;
const BYTE UE_BREAKPOINT_LONG_INT3 = 2;
const BYTE UE_BREAKPOINT_UD2 = 3;
const BYTE UE_BPXREMOVED = 0;
const BYTE UE_BPXACTIVE = 1;
const BYTE UE_BPXINACTIVE = 2;
const BYTE UE_BREAKPOINT = 0;
const BYTE UE_SINGLESHOOT = 1;
const BYTE UE_HARDWARE = 2;
const BYTE UE_MEMORY = 3;
const BYTE UE_MEMORY_READ = 4;
const BYTE UE_MEMORY_WRITE = 5;
const BYTE UE_MEMORY_EXECUTE = 6;
const DWORD UE_BREAKPOINT_TYPE_INT3 = 0x10000000;
const DWORD UE_BREAKPOINT_TYPE_LONG_INT3 = 0x20000000;
const DWORD UE_BREAKPOINT_TYPE_UD2 = 0x30000000;
const BYTE UE_HARDWARE_EXECUTE = 4;
const BYTE UE_HARDWARE_WRITE = 5;
const BYTE UE_HARDWARE_READWRITE = 6;
const BYTE UE_HARDWARE_SIZE_1 = 7;
const BYTE UE_HARDWARE_SIZE_2 = 8;
const BYTE UE_HARDWARE_SIZE_4 = 9;
const BYTE UE_HARDWARE_SIZE_8 = 10;
const BYTE UE_ON_LIB_LOAD = 1;
const BYTE UE_ON_LIB_UNLOAD = 2;
const BYTE UE_ON_LIB_ALL = 3;
const BYTE UE_APISTART = 0;
const BYTE UE_APIEND = 1;
const BYTE UE_PLATFORM_x86 = 1;
const BYTE UE_PLATFORM_x64 = 2;
const BYTE UE_PLATFORM_ALL = 3;
const BYTE UE_FUNCTION_STDCALL = 1;
const BYTE UE_FUNCTION_CCALL = 2;
const BYTE UE_FUNCTION_FASTCALL = 3;
const BYTE UE_FUNCTION_STDCALL_RET = 4;
const BYTE UE_FUNCTION_CCALL_RET = 5;
const BYTE UE_FUNCTION_FASTCALL_RET = 6;
const BYTE UE_FUNCTION_STDCALL_CALL = 7;
const BYTE UE_FUNCTION_CCALL_CALL = 8;
const BYTE UE_FUNCTION_FASTCALL_CALL = 9;
const BYTE UE_PARAMETER_BYTE = 0;
const BYTE UE_PARAMETER_WORD = 1;
const BYTE UE_PARAMETER_DWORD = 2;
const BYTE UE_PARAMETER_QWORD = 3;
const BYTE UE_PARAMETER_PTR_BYTE = 4;
const BYTE UE_PARAMETER_PTR_WORD = 5;
const BYTE UE_PARAMETER_PTR_DWORD = 6;
const BYTE UE_PARAMETER_PTR_QWORD = 7;
const BYTE UE_PARAMETER_STRING = 8;
const BYTE UE_PARAMETER_UNICODE = 9;
const BYTE UE_EAX = 1;
const BYTE UE_EBX = 2;
const BYTE UE_ECX = 3;
const BYTE UE_EDX = 4;
const BYTE UE_EDI = 5;
const BYTE UE_ESI = 6;
const BYTE UE_EBP = 7;
const BYTE UE_ESP = 8;
const BYTE UE_EIP = 9;
const BYTE UE_EFLAGS = 10;
const BYTE UE_DR0 = 11;
const BYTE UE_DR1 = 12;
const BYTE UE_DR2 = 13;
const BYTE UE_DR3 = 14;
const BYTE UE_DR6 = 15;
const BYTE UE_DR7 = 16;
const BYTE UE_RAX = 17;
const BYTE UE_RBX = 18;
const BYTE UE_RCX = 19;
const BYTE UE_RDX = 20;
const BYTE UE_RDI = 21;
const BYTE UE_RSI = 22;
const BYTE UE_RBP = 23;
const BYTE UE_RSP = 24;
const BYTE UE_RIP = 25;
const BYTE UE_RFLAGS = 26;
const BYTE UE_R8 = 27;
const BYTE UE_R9 = 28;
const BYTE UE_R10 = 29;
const BYTE UE_R11 = 30;
const BYTE UE_R12 = 31;
const BYTE UE_R13 = 32;
const BYTE UE_R14 = 33;
const BYTE UE_R15 = 34;
const BYTE UE_CIP = 35;
const BYTE UE_CSP = 36;
#ifdef _WIN64
const BYTE UE_CFLAGS = UE_RFLAGS;
#else
const BYTE UE_CFLAGS = UE_EFLAGS;
#endif
const BYTE UE_SEG_GS = 37;
const BYTE UE_SEG_FS = 38;
const BYTE UE_SEG_ES = 39;
const BYTE UE_SEG_DS = 40;
const BYTE UE_SEG_CS = 41;
const BYTE UE_SEG_SS = 42;
typedef struct
{
DWORD PE32Offset;
DWORD ImageBase;
DWORD OriginalEntryPoint;
DWORD BaseOfCode;
DWORD BaseOfData;
DWORD NtSizeOfImage;
DWORD NtSizeOfHeaders;
WORD SizeOfOptionalHeaders;
DWORD FileAlignment;
DWORD SectionAligment;
DWORD ImportTableAddress;
DWORD ImportTableSize;
DWORD ResourceTableAddress;
DWORD ResourceTableSize;
DWORD ExportTableAddress;
DWORD ExportTableSize;
DWORD TLSTableAddress;
DWORD TLSTableSize;
DWORD RelocationTableAddress;
DWORD RelocationTableSize;
DWORD TimeDateStamp;
WORD SectionNumber;
DWORD CheckSum;
WORD SubSystem;
WORD Characteristics;
DWORD NumberOfRvaAndSizes;
} PE32Struct, *PPE32Struct;
typedef struct
{
DWORD PE64Offset;
DWORD64 ImageBase;
DWORD OriginalEntryPoint;
DWORD BaseOfCode;
DWORD BaseOfData;
DWORD NtSizeOfImage;
DWORD NtSizeOfHeaders;
WORD SizeOfOptionalHeaders;
DWORD FileAlignment;
DWORD SectionAligment;
DWORD ImportTableAddress;
DWORD ImportTableSize;
DWORD ResourceTableAddress;
DWORD ResourceTableSize;
DWORD ExportTableAddress;
DWORD ExportTableSize;
DWORD TLSTableAddress;
DWORD TLSTableSize;
DWORD RelocationTableAddress;
DWORD RelocationTableSize;
DWORD TimeDateStamp;
WORD SectionNumber;
DWORD CheckSum;
WORD SubSystem;
WORD Characteristics;
DWORD NumberOfRvaAndSizes;
} PE64Struct, *PPE64Struct;
#if defined(_WIN64)
typedef PE64Struct PEStruct;
#else
typedef PE32Struct PEStruct;
#endif
typedef struct
{
bool NewDll;
int NumberOfImports;
ULONG_PTR ImageBase;
ULONG_PTR BaseImportThunk;
ULONG_PTR ImportThunk;
char* APIName;
char* DLLName;
} ImportEnumData, *PImportEnumData;
typedef struct
{
HANDLE hThread;
DWORD dwThreadId;
void* ThreadStartAddress;
void* ThreadLocalBase;
void* TebAddress;
ULONG WaitTime;
LONG Priority;
LONG BasePriority;
ULONG ContextSwitches;
ULONG ThreadState;
ULONG WaitReason;
} THREAD_ITEM_DATA, *PTHREAD_ITEM_DATA;
typedef struct
{
HANDLE hFile;
void* BaseOfDll;
HANDLE hFileMapping;
void* hFileMappingView;
char szLibraryPath[MAX_PATH];
char szLibraryName[MAX_PATH];
} LIBRARY_ITEM_DATA, *PLIBRARY_ITEM_DATA;
typedef struct
{
HANDLE hFile;
void* BaseOfDll;
HANDLE hFileMapping;
void* hFileMappingView;
wchar_t szLibraryPath[MAX_PATH];
wchar_t szLibraryName[MAX_PATH];
} LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
typedef struct
{
HANDLE hProcess;
DWORD dwProcessId;
HANDLE hThread;
DWORD dwThreadId;
HANDLE hFile;
void* BaseOfImage;
void* ThreadStartAddress;
void* ThreadLocalBase;
} PROCESS_ITEM_DATA, *PPROCESS_ITEM_DATA;
typedef struct
{
ULONG ProcessId;
HANDLE hHandle;
} HandlerArray, *PHandlerArray;
typedef struct
{
char PluginName[64];
DWORD PluginMajorVersion;
DWORD PluginMinorVersion;
HMODULE PluginBaseAddress;
void* TitanDebuggingCallBack;
void* TitanRegisterPlugin;
void* TitanReleasePlugin;
void* TitanResetPlugin;
bool PluginDisabled;
} PluginInformation, *PPluginInformation;
const size_t TEE_MAXIMUM_HOOK_SIZE = 14;
const size_t TEE_MAXIMUM_HOOK_RELOCS = 7;
#if defined(_WIN64)
const size_t TEE_MAXIMUM_HOOK_INSERT_SIZE = 14;
#else
const size_t TEE_MAXIMUM_HOOK_INSERT_SIZE = 5;
#endif
typedef struct HOOK_ENTRY
{
bool IATHook;
BYTE HookType;
DWORD HookSize;
void* HookAddress;
void* RedirectionAddress;
BYTE HookBytes[TEE_MAXIMUM_HOOK_SIZE];
BYTE OriginalBytes[TEE_MAXIMUM_HOOK_SIZE];
void* IATHookModuleBase;
DWORD IATHookNameHash;
bool HookIsEnabled;
bool HookIsRemote;
void* PatchedEntry;
DWORD RelocationInfo[TEE_MAXIMUM_HOOK_RELOCS];
int RelocationCount;
} HOOK_ENTRY, *PHOOK_ENTRY;
const BYTE UE_DEPTH_SURFACE = 0;
const BYTE UE_DEPTH_DEEP = 1;
const BYTE UE_UNPACKER_CONDITION_SEARCH_FROM_EP = 1;
const BYTE UE_UNPACKER_CONDITION_LOADLIBRARY = 1;
const BYTE UE_UNPACKER_CONDITION_GETPROCADDRESS = 2;
const BYTE UE_UNPACKER_CONDITION_ENTRYPOINTBREAK = 3;
const BYTE UE_UNPACKER_CONDITION_RELOCSNAPSHOT1 = 4;
const BYTE UE_UNPACKER_CONDITION_RELOCSNAPSHOT2 = 5;
const BYTE UE_FIELD_OK = 0;
const BYTE UE_FIELD_BROKEN_NON_FIXABLE = 1;
const BYTE UE_FIELD_BROKEN_NON_CRITICAL = 2;
const BYTE UE_FIELD_BROKEN_FIXABLE_FOR_STATIC_USE = 3;
const BYTE UE_FIELD_BROKEN_BUT_CAN_BE_EMULATED = 4;
const BYTE UE_FIELD_FIXABLE_NON_CRITICAL = 5;
const BYTE UE_FIELD_FIXABLE_CRITICAL = 6;
const BYTE UE_FIELD_NOT_PRESET = 7;
const BYTE UE_FIELD_NOT_PRESET_WARNING = 8;
const BYTE UE_RESULT_FILE_OK = 10;
const BYTE UE_RESULT_FILE_INVALID_BUT_FIXABLE = 11;
const BYTE UE_RESULT_FILE_INVALID_AND_NON_FIXABLE = 12;
const BYTE UE_RESULT_FILE_INVALID_FORMAT = 13;
typedef struct
{
BYTE OveralEvaluation;
bool EvaluationTerminatedByException;
bool FileIs64Bit;
bool FileIsDLL;
bool FileIsConsole;
bool MissingDependencies;
bool MissingDeclaredAPIs;
BYTE SignatureMZ;
BYTE SignaturePE;
BYTE EntryPoint;
BYTE ImageBase;
BYTE SizeOfImage;
BYTE FileAlignment;
BYTE SectionAlignment;
BYTE ExportTable;
BYTE RelocationTable;
BYTE ImportTable;
BYTE ImportTableSection;
BYTE ImportTableData;
BYTE IATTable;
BYTE TLSTable;
BYTE LoadConfigTable;
BYTE BoundImportTable;
BYTE COMHeaderTable;
BYTE ResourceTable;
BYTE ResourceData;
BYTE SectionTable;
} FILE_STATUS_INFO, *PFILE_STATUS_INFO;
typedef struct
{
BYTE OveralEvaluation;
bool FixingTerminatedByException;
bool FileFixPerformed;
bool StrippedRelocation;
bool DontFixRelocations;
DWORD OriginalRelocationTableAddress;
DWORD OriginalRelocationTableSize;
bool StrippedExports;
bool DontFixExports;
DWORD OriginalExportTableAddress;
DWORD OriginalExportTableSize;
bool StrippedResources;
bool DontFixResources;
DWORD OriginalResourceTableAddress;
DWORD OriginalResourceTableSize;
bool StrippedTLS;
bool DontFixTLS;
DWORD OriginalTLSTableAddress;
DWORD OriginalTLSTableSize;
bool StrippedLoadConfig;
bool DontFixLoadConfig;
DWORD OriginalLoadConfigTableAddress;
DWORD OriginalLoadConfigTableSize;
bool StrippedBoundImports;
bool DontFixBoundImports;
DWORD OriginalBoundImportTableAddress;
DWORD OriginalBoundImportTableSize;
bool StrippedIAT;
bool DontFixIAT;
DWORD OriginalImportAddressTableAddress;
DWORD OriginalImportAddressTableSize;
bool StrippedCOM;
bool DontFixCOM;
DWORD OriginalCOMTableAddress;
DWORD OriginalCOMTableSize;
} FILE_FIX_INFO, *PFILE_FIX_INFO;
#ifdef __cplusplus
extern "C" {
#endif /*__cplusplus*/
// Global.Function.Declaration:
// TitanEngine.Dumper.functions:
__declspec(dllimport) bool TITCALL DumpProcess(HANDLE hProcess, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
__declspec(dllimport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
__declspec(dllimport) bool TITCALL DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
__declspec(dllimport) bool TITCALL DumpProcessExW(DWORD ProcessId, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
__declspec(dllimport) bool TITCALL DumpMemory(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
__declspec(dllimport) bool TITCALL DumpMemoryW(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
__declspec(dllimport) bool TITCALL DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
__declspec(dllimport) bool TITCALL DumpMemoryExW(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
__declspec(dllimport) bool TITCALL DumpRegions(HANDLE hProcess, char* szDumpFolder, bool DumpAboveImageBaseOnly);
__declspec(dllimport) bool TITCALL DumpRegionsW(HANDLE hProcess, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
__declspec(dllimport) bool TITCALL DumpRegionsEx(DWORD ProcessId, char* szDumpFolder, bool DumpAboveImageBaseOnly);
__declspec(dllimport) bool TITCALL DumpRegionsExW(DWORD ProcessId, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
__declspec(dllimport) bool TITCALL DumpModule(HANDLE hProcess, LPVOID ModuleBase, char* szDumpFileName);
__declspec(dllimport) bool TITCALL DumpModuleW(HANDLE hProcess, LPVOID ModuleBase, wchar_t* szDumpFileName);
__declspec(dllimport) bool TITCALL DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, char* szDumpFileName);
__declspec(dllimport) bool TITCALL DumpModuleExW(DWORD ProcessId, LPVOID ModuleBase, wchar_t* szDumpFileName);
__declspec(dllimport) bool TITCALL PastePEHeader(HANDLE hProcess, LPVOID ImageBase, char* szDebuggedFileName);
__declspec(dllimport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDebuggedFileName);
__declspec(dllimport) bool TITCALL ExtractSection(char* szFileName, char* szDumpFileName, DWORD SectionNumber);
__declspec(dllimport) bool TITCALL ExtractSectionW(wchar_t* szFileName, wchar_t* szDumpFileName, DWORD SectionNumber);
__declspec(dllimport) bool TITCALL ResortFileSections(char* szFileName);
__declspec(dllimport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL FindOverlay(char* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
__declspec(dllimport) bool TITCALL FindOverlayW(wchar_t* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
__declspec(dllimport) bool TITCALL ExtractOverlay(char* szFileName, char* szExtractedFileName);
__declspec(dllimport) bool TITCALL ExtractOverlayW(wchar_t* szFileName, wchar_t* szExtractedFileName);
__declspec(dllimport) bool TITCALL AddOverlay(char* szFileName, char* szOverlayFileName);
__declspec(dllimport) bool TITCALL AddOverlayW(wchar_t* szFileName, wchar_t* szOverlayFileName);
__declspec(dllimport) bool TITCALL CopyOverlay(char* szInFileName, char* szOutFileName);
__declspec(dllimport) bool TITCALL CopyOverlayW(wchar_t* szInFileName, wchar_t* szOutFileName);
__declspec(dllimport) bool TITCALL RemoveOverlay(char* szFileName);
__declspec(dllimport) bool TITCALL RemoveOverlayW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL MakeAllSectionsRWE(char* szFileName);
__declspec(dllimport) bool TITCALL MakeAllSectionsRWEW(wchar_t* szFileName);
__declspec(dllimport) long TITCALL AddNewSectionEx(char* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
__declspec(dllimport) long TITCALL AddNewSectionExW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
__declspec(dllimport) long TITCALL AddNewSection(char* szFileName, char* szSectionName, DWORD SectionSize);
__declspec(dllimport) long TITCALL AddNewSectionW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize);
__declspec(dllimport) bool TITCALL ResizeLastSection(char* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
__declspec(dllimport) bool TITCALL ResizeLastSectionW(wchar_t* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
__declspec(dllimport) void TITCALL SetSharedOverlay(char* szFileName);
__declspec(dllimport) void TITCALL SetSharedOverlayW(wchar_t* szFileName);
__declspec(dllimport) char* TITCALL GetSharedOverlay();
__declspec(dllimport) wchar_t* TITCALL GetSharedOverlayW();
__declspec(dllimport) bool TITCALL DeleteLastSection(char* szFileName);
__declspec(dllimport) bool TITCALL DeleteLastSectionW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL DeleteLastSectionEx(char* szFileName, DWORD NumberOfSections);
__declspec(dllimport) bool TITCALL DeleteLastSectionExW(wchar_t* szFileName, DWORD NumberOfSections);
__declspec(dllimport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData);
__declspec(dllimport) ULONG_PTR TITCALL GetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData);
__declspec(dllimport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData);
__declspec(dllimport) bool TITCALL GetPE32DataFromMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
__declspec(dllimport) bool TITCALL GetPE32DataEx(char* szFileName, LPVOID DataStorage);
__declspec(dllimport) bool TITCALL GetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
__declspec(dllimport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
__declspec(dllimport) bool TITCALL SetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
__declspec(dllimport) bool TITCALL SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
__declspec(dllimport) bool TITCALL SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
__declspec(dllimport) bool TITCALL SetPE32DataEx(char* szFileName, LPVOID DataStorage);
__declspec(dllimport) bool TITCALL SetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
__declspec(dllimport) long TITCALL GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert);
__declspec(dllimport) ULONG_PTR TITCALL ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
__declspec(dllimport) ULONG_PTR TITCALL ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType);
__declspec(dllimport) ULONG_PTR TITCALL ConvertFileOffsetToVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
__declspec(dllimport) ULONG_PTR TITCALL ConvertFileOffsetToVAEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool ReturnType);
__declspec(dllimport) bool TITCALL MemoryReadSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesRead);
__declspec(dllimport) bool TITCALL MemoryWriteSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesWritten);
// TitanEngine.Realigner.functions:
__declspec(dllimport) bool TITCALL FixHeaderCheckSum(char* szFileName);
__declspec(dllimport) bool TITCALL FixHeaderCheckSumW(wchar_t* szFileName);
__declspec(dllimport) long TITCALL RealignPE(ULONG_PTR FileMapVA, DWORD FileSize, DWORD RealingMode);
__declspec(dllimport) long TITCALL RealignPEEx(char* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
__declspec(dllimport) long TITCALL RealignPEExW(wchar_t* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
__declspec(dllimport) bool TITCALL WipeSection(char* szFileName, int WipeSectionNumber, bool RemovePhysically);
__declspec(dllimport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically);
__declspec(dllimport) bool TITCALL IsPE32FileValidEx(char* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
__declspec(dllimport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
__declspec(dllimport) bool TITCALL FixBrokenPE32FileEx(char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
__declspec(dllimport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
__declspec(dllimport) bool TITCALL IsFileDLL(char* szFileName, ULONG_PTR FileMapVA);
__declspec(dllimport) bool TITCALL IsFileDLLW(wchar_t* szFileName, ULONG_PTR FileMapVA);
// TitanEngine.Hider.functions:
__declspec(dllimport) void* TITCALL GetPEBLocation(HANDLE hProcess);
__declspec(dllimport) void* TITCALL GetPEBLocation64(HANDLE hProcess);
__declspec(dllimport) void* TITCALL GetTEBLocation(HANDLE hThread);
__declspec(dllimport) void* TITCALL GetTEBLocation64(HANDLE hThread);
__declspec(dllimport) bool TITCALL HideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
__declspec(dllimport) bool TITCALL UnHideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
// TitanEngine.Relocater.functions:
__declspec(dllimport) void TITCALL RelocaterCleanup();
__declspec(dllimport) void TITCALL RelocaterInit(DWORD MemorySize, ULONG_PTR OldImageBase, ULONG_PTR NewImageBase);
__declspec(dllimport) void TITCALL RelocaterAddNewRelocation(HANDLE hProcess, ULONG_PTR RelocateAddress, DWORD RelocateState);
__declspec(dllimport) long TITCALL RelocaterEstimatedSize();
__declspec(dllimport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlace, DWORD StorePlaceRVA, ULONG_PTR FileMapVA);
__declspec(dllimport) bool TITCALL RelocaterExportRelocationEx(char* szFileName, char* szSectionName);
__declspec(dllimport) bool TITCALL RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName);
__declspec(dllimport) bool TITCALL RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize);
__declspec(dllimport) bool TITCALL RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage);
__declspec(dllimport) bool TITCALL RelocaterMakeSnapshot(HANDLE hProcess, char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
__declspec(dllimport) bool TITCALL RelocaterMakeSnapshotW(HANDLE hProcess, wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
__declspec(dllimport) bool TITCALL RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, char* szDumpFile1, char* szDumpFile2, ULONG_PTR MemStart);
__declspec(dllimport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart);
__declspec(dllimport) bool TITCALL RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase);
__declspec(dllimport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase);
__declspec(dllimport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase);
__declspec(dllimport) bool TITCALL RelocaterWipeRelocationTable(char* szFileName);
__declspec(dllimport) bool TITCALL RelocaterWipeRelocationTableW(wchar_t* szFileName);
// TitanEngine.Resourcer.functions:
__declspec(dllimport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUse(char* szFileName);
__declspec(dllimport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUseW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL ResourcerFreeLoadedFile(LPVOID LoadedFileBase);
__declspec(dllimport) bool TITCALL ResourcerExtractResourceFromFileEx(HMODULE hFile, char* szResourceType, char* szResourceName, char* szExtractedFileName);
__declspec(dllimport) bool TITCALL ResourcerExtractResourceFromFile(char* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
__declspec(dllimport) bool TITCALL ResourcerExtractResourceFromFileW(wchar_t* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
__declspec(dllimport) bool TITCALL ResourcerFindResource(char* szFileName, char* szResourceType, DWORD ResourceType, char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
__declspec(dllimport) bool TITCALL ResourcerFindResourceW(wchar_t* szFileName, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
__declspec(dllimport) bool TITCALL ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
__declspec(dllimport) void TITCALL ResourcerEnumerateResource(char* szFileName, void* CallBack);
__declspec(dllimport) void TITCALL ResourcerEnumerateResourceW(wchar_t* szFileName, void* CallBack);
__declspec(dllimport) void TITCALL ResourcerEnumerateResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, void* CallBack);
// TitanEngine.Threader.functions:
__declspec(dllimport) bool TITCALL ThreaderImportRunningThreadData(DWORD ProcessId);
__declspec(dllimport) void* TITCALL ThreaderGetThreadInfo(HANDLE hThread, DWORD ThreadId);
__declspec(dllimport) void TITCALL ThreaderEnumThreadInfo(void* EnumCallBack);
__declspec(dllimport) bool TITCALL ThreaderPauseThread(HANDLE hThread);
__declspec(dllimport) bool TITCALL ThreaderResumeThread(HANDLE hThread);
__declspec(dllimport) bool TITCALL ThreaderTerminateThread(HANDLE hThread, DWORD ThreadExitCode);
__declspec(dllimport) bool TITCALL ThreaderPauseAllThreads(bool LeaveMainRunning);
__declspec(dllimport) bool TITCALL ThreaderResumeAllThreads(bool LeaveMainPaused);
__declspec(dllimport) bool TITCALL ThreaderPauseProcess();
__declspec(dllimport) bool TITCALL ThreaderResumeProcess();
__declspec(dllimport) ULONG_PTR TITCALL ThreaderCreateRemoteThread(ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
__declspec(dllimport) bool TITCALL ThreaderInjectAndExecuteCode(LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
__declspec(dllimport) ULONG_PTR TITCALL ThreaderCreateRemoteThreadEx(HANDLE hProcess, ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
__declspec(dllimport) bool TITCALL ThreaderInjectAndExecuteCodeEx(HANDLE hProcess, LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
__declspec(dllimport) void TITCALL ThreaderSetCallBackForNextExitThreadEvent(LPVOID exitThreadCallBack);
__declspec(dllimport) bool TITCALL ThreaderIsThreadStillRunning(HANDLE hThread);
__declspec(dllimport) bool TITCALL ThreaderIsThreadActive(HANDLE hThread);
__declspec(dllimport) bool TITCALL ThreaderIsAnyThreadActive();
__declspec(dllimport) bool TITCALL ThreaderExecuteOnlyInjectedThreads();
__declspec(dllimport) ULONG_PTR TITCALL ThreaderGetOpenHandleForThread(DWORD ThreadId);
__declspec(dllimport) bool TITCALL ThreaderIsExceptionInMainThread();
// TitanEngine.Debugger.functions:
__declspec(dllimport) void* TITCALL StaticDisassembleEx(ULONG_PTR DisassmStart, LPVOID DisassmAddress);
__declspec(dllimport) void* TITCALL StaticDisassemble(LPVOID DisassmAddress);
__declspec(dllimport) void* TITCALL DisassembleEx(HANDLE hProcess, LPVOID DisassmAddress, bool ReturnInstructionType);
__declspec(dllimport) void* TITCALL Disassemble(LPVOID DisassmAddress);
__declspec(dllimport) long TITCALL StaticLengthDisassemble(LPVOID DisassmAddress);
__declspec(dllimport) long TITCALL LengthDisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
__declspec(dllimport) long TITCALL LengthDisassemble(LPVOID DisassmAddress);
__declspec(dllimport) void* TITCALL InitDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
__declspec(dllimport) void* TITCALL InitDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
__declspec(dllimport) void* TITCALL InitNativeDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
__declspec(dllimport) void* TITCALL InitNativeDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
__declspec(dllimport) void* TITCALL InitDebugEx(char* szFileName, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
__declspec(dllimport) void* TITCALL InitDebugExW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
__declspec(dllimport) void* TITCALL InitDLLDebug(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
__declspec(dllimport) void* TITCALL InitDLLDebugW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
__declspec(dllimport) bool TITCALL StopDebug();
__declspec(dllimport) void TITCALL SetBPXOptions(long DefaultBreakPointType);
__declspec(dllimport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress);
__declspec(dllimport) bool TITCALL EnableBPX(ULONG_PTR bpxAddress);
__declspec(dllimport) bool TITCALL DisableBPX(ULONG_PTR bpxAddress);
__declspec(dllimport) bool TITCALL SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL DeleteBPX(ULONG_PTR bpxAddress);
__declspec(dllimport) bool TITCALL SafeDeleteBPX(ULONG_PTR bpxAddress);
__declspec(dllimport) bool TITCALL SetAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL DeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace);
__declspec(dllimport) bool TITCALL SafeDeleteAPIBreakPoint(const char* szDLLName, const char* szAPIName, DWORD bpxPlace);
__declspec(dllimport) bool TITCALL SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory);
__declspec(dllimport) bool TITCALL GetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
__declspec(dllimport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister);
__declspec(dllimport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister);
__declspec(dllimport) bool TITCALL SetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
__declspec(dllimport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
__declspec(dllimport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
__declspec(dllimport) void TITCALL ClearExceptionNumber();
__declspec(dllimport) long TITCALL CurrentExceptionNumber();
__declspec(dllimport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
__declspec(dllimport) bool TITCALL MatchPattern(void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
__declspec(dllimport) ULONG_PTR TITCALL FindEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
__declspec(dllimport) ULONG_PTR TITCALL Find(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
__declspec(dllimport) bool TITCALL FillEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
__declspec(dllimport) bool TITCALL Fill(LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
__declspec(dllimport) bool TITCALL PatchEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
__declspec(dllimport) bool TITCALL Patch(LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
__declspec(dllimport) bool TITCALL ReplaceEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
__declspec(dllimport) bool TITCALL Replace(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
__declspec(dllimport) void* TITCALL GetDebugData();
__declspec(dllimport) void* TITCALL GetTerminationData();
__declspec(dllimport) long TITCALL GetExitCode();
__declspec(dllimport) ULONG_PTR TITCALL GetDebuggedDLLBaseAddress();
__declspec(dllimport) ULONG_PTR TITCALL GetDebuggedFileBaseAddress();
__declspec(dllimport) bool TITCALL GetRemoteString(HANDLE hProcess, LPVOID StringAddress, LPVOID StringStorage, int MaximumStringSize);
__declspec(dllimport) ULONG_PTR TITCALL GetFunctionParameter(HANDLE hProcess, DWORD FunctionType, DWORD ParameterNumber, DWORD ParameterType);
__declspec(dllimport) ULONG_PTR TITCALL GetJumpDestinationEx(HANDLE hProcess, ULONG_PTR InstructionAddress, bool JustJumps);
__declspec(dllimport) ULONG_PTR TITCALL GetJumpDestination(HANDLE hProcess, ULONG_PTR InstructionAddress);
__declspec(dllimport) bool TITCALL IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags);
__declspec(dllimport) bool TITCALL IsJumpGoingToExecute();
__declspec(dllimport) void TITCALL SetCustomHandler(DWORD ExceptionId, LPVOID CallBack);
__declspec(dllimport) void TITCALL ForceClose();
__declspec(dllimport) void TITCALL StepInto(LPVOID traceCallBack);
__declspec(dllimport) void TITCALL StepOver(LPVOID traceCallBack);
__declspec(dllimport) void TITCALL StepOut(LPVOID StepOut, bool StepFinal);
__declspec(dllimport) void TITCALL SingleStep(DWORD StepCount, LPVOID StepCallBack);
__declspec(dllimport) bool TITCALL GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex);
__declspec(dllimport) bool TITCALL SetHardwareBreakPointEx(HANDLE hActiveThread, ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack, LPDWORD IndexOfSelectedRegister);
__declspec(dllimport) bool TITCALL SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL DeleteHardwareBreakPoint(DWORD IndexOfRegister);
__declspec(dllimport) bool TITCALL RemoveAllBreakPoints(DWORD RemoveOption);
__declspec(dllexport) PROCESS_INFORMATION* TITCALL TitanGetProcessInformation();
__declspec(dllexport) STARTUPINFOW* TITCALL TitanGetStartupInformation();
__declspec(dllimport) void TITCALL DebugLoop();
__declspec(dllimport) void TITCALL SetDebugLoopTimeOut(DWORD TimeOut);
__declspec(dllimport) void TITCALL SetNextDbgContinueStatus(DWORD SetDbgCode);
__declspec(dllimport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack);
__declspec(dllimport) bool TITCALL DetachDebugger(DWORD ProcessId);
__declspec(dllimport) bool TITCALL DetachDebuggerEx(DWORD ProcessId);
__declspec(dllimport) void TITCALL DebugLoopEx(DWORD TimeOut);
__declspec(dllimport) void TITCALL AutoDebugEx(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
__declspec(dllimport) void TITCALL AutoDebugExW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
__declspec(dllimport) bool TITCALL IsFileBeingDebugged();
__declspec(dllimport) void TITCALL SetErrorModel(bool DisplayErrorMessages);
// TitanEngine.FindOEP.functions:
__declspec(dllimport) void TITCALL FindOEPInit();
__declspec(dllimport) bool TITCALL FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
__declspec(dllimport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
// TitanEngine.Importer.functions:
__declspec(dllimport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
__declspec(dllimport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
__declspec(dllimport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
__declspec(dllimport) long TITCALL ImporterGetAddedDllCount();
__declspec(dllimport) long TITCALL ImporterGetAddedAPICount();
__declspec(dllimport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap);
__declspec(dllimport) long TITCALL ImporterEstimatedSize();
__declspec(dllimport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName);
__declspec(dllimport) bool TITCALL ImporterExportIATExW(wchar_t* szDumpFileName, wchar_t* szExportFileName, wchar_t* szSectionName = L".RL!TEv2");
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindAPIWriteLocation(char* szAPIName);
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber);
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation);
__declspec(dllimport) ULONG_PTR TITCALL ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation);
__declspec(dllimport) void* TITCALL ImporterGetDLLName(ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetDLLNameW(ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetAPIName(ULONG_PTR APIAddress);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetAPIOrdinalNumber(ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetAPINameEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddressEx(char* szDLLName, char* szAPIName);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetLocalAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetDLLNameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetDLLNameFromDebugeeW(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetAPINameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetAPIOrdinalNumberFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
__declspec(dllimport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
__declspec(dllimport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, wchar_t* szModuleName);
__declspec(dllimport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) long TITCALL ImporterGetForwardedDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetForwardedAPIOrdinalNumber(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) ULONG_PTR TITCALL ImporterGetNearestAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) void* TITCALL ImporterGetNearestAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
__declspec(dllimport) bool TITCALL ImporterCopyOriginalIAT(char* szOriginalFile, char* szDumpFile);
__declspec(dllimport) bool TITCALL ImporterCopyOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile);
__declspec(dllimport) bool TITCALL ImporterLoadImportTable(char* szFileName);
__declspec(dllimport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName);
__declspec(dllimport) bool TITCALL ImporterMoveOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile, char* szSectionName);
__declspec(dllimport) void TITCALL ImporterAutoSearchIAT(DWORD ProcessId, char* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
__declspec(dllimport) void TITCALL ImporterAutoSearchIATW(DWORD ProcessIds, wchar_t* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
__declspec(dllimport) void TITCALL ImporterAutoSearchIATEx(DWORD ProcessId, ULONG_PTR ImageBase, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
__declspec(dllimport) void TITCALL ImporterEnumAddedData(LPVOID EnumCallBack);
__declspec(dllimport) long TITCALL ImporterAutoFixIATEx(DWORD ProcessId, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
__declspec(dllimport) long TITCALL ImporterAutoFixIATExW(DWORD ProcessId, wchar_t* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
__declspec(dllimport) long TITCALL ImporterAutoFixIAT(DWORD ProcessId, char* szDumpedFile, ULONG_PTR SearchStart);
__declspec(dllimport) long TITCALL ImporterAutoFixIATW(DWORD ProcessId, wchar_t* szDumpedFile, ULONG_PTR SearchStart);
__declspec(dllimport) bool TITCALL ImporterDeleteAPI(DWORD_PTR apiAddr);
// Global.Engine.Hook.functions:
__declspec(dllimport) bool TITCALL HooksSafeTransitionEx(LPVOID HookAddressArray, int NumberOfHooks, bool TransitionStart);
__declspec(dllimport) bool TITCALL HooksSafeTransition(LPVOID HookAddress, bool TransitionStart);
__declspec(dllimport) bool TITCALL HooksIsAddressRedirected(LPVOID HookAddress);
__declspec(dllimport) void* TITCALL HooksGetTrampolineAddress(LPVOID HookAddress);
__declspec(dllimport) void* TITCALL HooksGetHookEntryDetails(LPVOID HookAddress);
__declspec(dllimport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, LPVOID RedirectTo, int HookType);
__declspec(dllimport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo);
__declspec(dllimport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo);
__declspec(dllimport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll);
__declspec(dllimport) bool TITCALL HooksRemoveRedirectionsForModule(HMODULE ModuleBase);
__declspec(dllimport) bool TITCALL HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll);
__declspec(dllimport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, bool DisableAll);
__declspec(dllimport) bool TITCALL HooksDisableRedirectionsForModule(HMODULE ModuleBase);
__declspec(dllimport) bool TITCALL HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll);
__declspec(dllimport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bool EnableAll);
__declspec(dllimport) bool TITCALL HooksEnableRedirectionsForModule(HMODULE ModuleBase);
__declspec(dllimport) bool TITCALL HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll);
__declspec(dllimport) void TITCALL HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack);
__declspec(dllimport) void TITCALL HooksScanEntireProcessMemory(LPVOID CallBack);
__declspec(dllimport) void TITCALL HooksScanEntireProcessMemoryEx();
// TitanEngine.Tracer.functions:
__declspec(dllimport) void TITCALL TracerInit();
__declspec(dllimport) ULONG_PTR TITCALL TracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace);
__declspec(dllimport) ULONG_PTR TITCALL HashTracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD InputNumberOfInstructions);
__declspec(dllimport) long TITCALL TracerDetectRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace);
__declspec(dllimport) ULONG_PTR TITCALL TracerFixKnownRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD RedirectionId);
__declspec(dllimport) ULONG_PTR TITCALL TracerFixRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD IdParameter);
__declspec(dllimport) ULONG_PTR TITCALL TracerDetectRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, PDWORD ReturnedId);
__declspec(dllimport) long TITCALL TracerFixRedirectionViaImpRecPlugin(HANDLE hProcess, char* szPluginName, ULONG_PTR AddressToTrace);
// TitanEngine.Exporter.functions:
__declspec(dllimport) void TITCALL ExporterCleanup();
__declspec(dllimport) void TITCALL ExporterSetImageBase(ULONG_PTR ImageBase);
__declspec(dllimport) void TITCALL ExporterInit(DWORD MemorySize, ULONG_PTR ImageBase, DWORD ExportOrdinalBase, char* szExportModuleName);
__declspec(dllimport) bool TITCALL ExporterAddNewExport(char* szExportName, DWORD ExportRelativeAddress);
__declspec(dllimport) bool TITCALL ExporterAddNewOrdinalExport(DWORD OrdinalNumber, DWORD ExportRelativeAddress);
__declspec(dllimport) long TITCALL ExporterGetAddedExportCount();
__declspec(dllimport) long TITCALL ExporterEstimatedSize();
__declspec(dllimport) bool TITCALL ExporterBuildExportTable(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
__declspec(dllimport) bool TITCALL ExporterBuildExportTableEx(char* szExportFileName, char* szSectionName);
__declspec(dllimport) bool TITCALL ExporterBuildExportTableExW(wchar_t* szExportFileName, char* szSectionName);
__declspec(dllimport) bool TITCALL ExporterLoadExportTable(char* szFileName);
__declspec(dllimport) bool TITCALL ExporterLoadExportTableW(wchar_t* szFileName);
// TitanEngine.Librarian.functions:
__declspec(dllimport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType);
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName);
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName);
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll);
__declspec(dllimport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll);
__declspec(dllimport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack);
__declspec(dllimport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack);
// TitanEngine.Process.functions:
__declspec(dllimport) long TITCALL GetActiveProcessId(char* szImageName);
__declspec(dllimport) long TITCALL GetActiveProcessIdW(wchar_t* szImageName);
__declspec(dllimport) void TITCALL EnumProcessesWithLibrary(char* szLibraryName, void* EnumFunction);
__declspec(dllimport) HANDLE TITCALL TitanOpenProcess(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwProcessId);
__declspec(dllexport) HANDLE TITCALL TitanOpenThread(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwThreadId);
// TitanEngine.TLSFixer.functions:
__declspec(dllimport) bool TITCALL TLSBreakOnCallBack(LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL TLSGrabCallBackData(char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
__declspec(dllimport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
__declspec(dllimport) bool TITCALL TLSBreakOnCallBackEx(char* szFileName, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL TLSBreakOnCallBackExW(wchar_t* szFileName, LPVOID bpxCallBack);
__declspec(dllimport) bool TITCALL TLSRemoveCallback(char* szFileName);
__declspec(dllimport) bool TITCALL TLSRemoveCallbackW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL TLSRemoveTable(char* szFileName);
__declspec(dllimport) bool TITCALL TLSRemoveTableW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL TLSBackupData(char* szFileName);
__declspec(dllimport) bool TITCALL TLSBackupDataW(wchar_t* szFileName);
__declspec(dllimport) bool TITCALL TLSRestoreData();
__declspec(dllimport) bool TITCALL TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_PTR StorePlace, ULONG_PTR StorePlaceRVA, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
__declspec(dllimport) bool TITCALL TLSBuildNewTableEx(char* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
__declspec(dllimport) bool TITCALL TLSBuildNewTableExW(wchar_t* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
// TitanEngine.TranslateName.functions:
__declspec(dllimport) void* TITCALL TranslateNativeName(char* szNativeName);
__declspec(dllimport) void* TITCALL TranslateNativeNameW(wchar_t* szNativeName);
// TitanEngine.Handler.functions:
__declspec(dllimport) long TITCALL HandlerGetActiveHandleCount(DWORD ProcessId);
__declspec(dllimport) bool TITCALL HandlerIsHandleOpen(DWORD ProcessId, HANDLE hHandle);
__declspec(dllimport) void* TITCALL HandlerGetHandleName(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
__declspec(dllimport) void* TITCALL HandlerGetHandleNameW(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
__declspec(dllimport) long TITCALL HandlerEnumerateOpenHandles(DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
__declspec(dllimport) ULONG_PTR TITCALL HandlerGetHandleDetails(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, DWORD InformationReturn);
__declspec(dllimport) bool TITCALL HandlerCloseRemoteHandle(HANDLE hProcess, HANDLE hHandle);
__declspec(dllimport) long TITCALL HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
__declspec(dllimport) long TITCALL HandlerEnumerateLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
__declspec(dllimport) bool TITCALL HandlerCloseAllLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
__declspec(dllimport) bool TITCALL HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
__declspec(dllimport) bool TITCALL HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
__declspec(dllimport) bool TITCALL HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
// TitanEngine.Handler[Mutex].functions:
__declspec(dllimport) long TITCALL HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
__declspec(dllimport) ULONG_PTR TITCALL HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, char* szMutexString);
__declspec(dllimport) ULONG_PTR TITCALL HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, wchar_t* szMutexString);
__declspec(dllimport) long TITCALL HandlerGetProcessIdWhichCreatedMutex(char* szMutexString);
__declspec(dllimport) long TITCALL HandlerGetProcessIdWhichCreatedMutexW(wchar_t* szMutexString);
// TitanEngine.Injector.functions:
__declspec(dllimport) bool TITCALL RemoteLoadLibrary(HANDLE hProcess, char* szLibraryFile, bool WaitForThreadExit);
__declspec(dllimport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t* szLibraryFile, bool WaitForThreadExit);
__declspec(dllimport) bool TITCALL RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, char* szLibraryFile, bool WaitForThreadExit);
__declspec(dllimport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, wchar_t* szLibraryFile, bool WaitForThreadExit);
__declspec(dllimport) bool TITCALL RemoteExitProcess(HANDLE hProcess, DWORD ExitCode);
// TitanEngine.StaticUnpacker.functions:
__declspec(dllimport) bool TITCALL StaticFileLoad(char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
__declspec(dllimport) bool TITCALL StaticFileLoadW(wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
__declspec(dllimport) bool TITCALL StaticFileUnload(char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
__declspec(dllimport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
__declspec(dllimport) bool TITCALL StaticFileOpen(char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
__declspec(dllimport) bool TITCALL StaticFileOpenW(wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
__declspec(dllimport) bool TITCALL StaticFileGetContent(HANDLE FileHandle, DWORD FilePositionLow, LPDWORD FilePositionHigh, void* Buffer, DWORD Size);
__declspec(dllimport) void TITCALL StaticFileClose(HANDLE FileHandle);
__declspec(dllimport) void TITCALL StaticMemoryDecrypt(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
__declspec(dllimport) void TITCALL StaticMemoryDecryptEx(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, void* DecryptionCallBack);
__declspec(dllimport) void TITCALL StaticMemoryDecryptSpecial(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, DWORD SpecDecryptionType, void* DecryptionCallBack);
__declspec(dllimport) void TITCALL StaticSectionDecrypt(ULONG_PTR FileMapVA, DWORD SectionNumber, bool SimulateLoad, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
__declspec(dllimport) bool TITCALL StaticMemoryDecompress(void* Source, DWORD SourceSize, void* Destination, DWORD DestinationSize, int Algorithm);
__declspec(dllimport) bool TITCALL StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, char* szDumpFileName);
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, wchar_t* szDumpFileName);
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, char* szDumpFileName);
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, wchar_t* szDumpFileName);
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, char* szDumpFileName);
__declspec(dllimport) bool TITCALL StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, wchar_t* szDumpFileName);
__declspec(dllimport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD SizeOfMemory, void* HashDigest, bool OutputString, int Algorithm);
__declspec(dllimport) bool TITCALL StaticHashFile(char* szFileName, char* HashDigest, bool OutputString, int Algorithm);
__declspec(dllimport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm);
// TitanEngine.Engine.functions:
__declspec(dllimport) void TITCALL SetEngineVariable(DWORD VariableId, bool VariableSet);
__declspec(dllimport) bool TITCALL EngineCreateMissingDependencies(char* szFileName, char* szOutputFolder, bool LogCreatedFiles);
__declspec(dllimport) bool TITCALL EngineCreateMissingDependenciesW(wchar_t* szFileName, wchar_t* szOutputFolder, bool LogCreatedFiles);
__declspec(dllimport) bool TITCALL EngineFakeMissingDependencies(HANDLE hProcess);
__declspec(dllimport) bool TITCALL EngineDeleteCreatedDependencies();
__declspec(dllimport) bool TITCALL EngineCreateUnpackerWindow(char* WindowUnpackerTitle, char* WindowUnpackerLongTitle, char* WindowUnpackerName, char* WindowUnpackerAuthor, void* StartUnpackingCallBack);
__declspec(dllimport) void TITCALL EngineAddUnpackerWindowLogMessage(char* szLogMessage);
__declspec(dllimport) bool TITCALL EngineCheckStructAlignment(DWORD StructureType, ULONG_PTR StructureSize);
// Global.Engine.Extension.Functions:
__declspec(dllimport) bool TITCALL ExtensionManagerIsPluginLoaded(char* szPluginName);
__declspec(dllimport) bool TITCALL ExtensionManagerIsPluginEnabled(char* szPluginName);
__declspec(dllimport) bool TITCALL ExtensionManagerDisableAllPlugins();
__declspec(dllimport) bool TITCALL ExtensionManagerDisablePlugin(char* szPluginName);
__declspec(dllimport) bool TITCALL ExtensionManagerEnableAllPlugins();
__declspec(dllimport) bool TITCALL ExtensionManagerEnablePlugin(char* szPluginName);
__declspec(dllimport) bool TITCALL ExtensionManagerUnloadAllPlugins();
__declspec(dllimport) bool TITCALL ExtensionManagerUnloadPlugin(char* szPluginName);
__declspec(dllimport) void* TITCALL ExtensionManagerGetPluginInfo(char* szPluginName);
#ifdef __cplusplus
}
#endif /*__cplusplus*/
#pragma pack(pop)
#endif /*TITANENGINE*/

2870
SDK/CPP/TitanEngine.hpp
View File

File diff suppressed because it is too large Load Diff

739
SDK/Delphi/TitanEngine.pas
View File

@ -1,739 +0,0 @@
unit TitanEngine;
interface
{TitanEngine Delphi SDK - 2.0.3}
{http://www.reversinglabs.com/}
{Types}
type
PE32Structure = ^PE_32_STRUCT;
PE_32_STRUCT = packed record
PE32Offset : LongInt;
ImageBase : LongInt;
OriginalEntryPoint : LongInt;
NtSizeOfImage : LongInt;
NtSizeOfHeaders : LongInt;
SizeOfOptionalHeaders : SmallInt;
FileAlignment : LongInt;
SectionAligment : LongInt;
ImportTableAddress : LongInt;
ImportTableSize : LongInt;
ResourceTableAddress : LongInt;
ResourceTableSize : LongInt;
ExportTableAddress : LongInt;
ExportTableSize : LongInt;
TLSTableAddress : LongInt;
TLSTableSize : LongInt;
RelocationTableAddress : LongInt;
RelocationTableSize : LongInt;
TimeDateStamp : LongInt;
SectionNumber : SmallInt;
CheckSum : LongInt;
SubSystem : SmallInt;
Characteristics : SmallInt;
NumberOfRvaAndSizes : LongInt;
end;
FileStatusInfo = ^FILE_STATUS_INFO;
FILE_STATUS_INFO = packed record
OveralEvaluation : BYTE;
EvaluationTerminatedByException : boolean;
FileIs64Bit : boolean;
FileIsDLL : boolean;
FileIsConsole : boolean;
MissingDependencies : boolean;
MissingDeclaredAPIs : boolean;
SignatureMZ : BYTE;
SignaturePE : BYTE;
EntryPoint : BYTE;
ImageBase : BYTE;
SizeOfImage : BYTE;
FileAlignment : BYTE;
SectionAlignment : BYTE;
ExportTable : BYTE;
RelocationTable : BYTE;
ImportTable : BYTE;
ImportTableSection : BYTE;
ImportTableData : BYTE;
IATTable : BYTE;
TLSTable : BYTE;
LoadConfigTable : BYTE;
BoundImportTable : BYTE;
COMHeaderTable : BYTE;
ResourceTable : BYTE;
ResourceData : BYTE;
SectionTable : BYTE;
end;
FileFixInfo = ^FILE_FIX_INFO;
FILE_FIX_INFO = packed record
OveralEvaluation : BYTE;
FixingTerminatedByException : boolean;
FileFixPerformed : boolean;
StrippedRelocation : boolean;
DontFixRelocations : boolean;
OriginalRelocationTableAddress : LongInt;
OriginalRelocationTableSize : LongInt;
StrippedExports : boolean;
DontFixExports : boolean;
OriginalExportTableAddress : LongInt;
OriginalExportTableSize : LongInt;
StrippedResources : boolean;
DontFixResources : boolean;
OriginalResourceTableAddress : LongInt;
OriginalResourceTableSize : LongInt;
StrippedTLS : boolean;
DontFixTLS : boolean;
OriginalTLSTableAddress : LongInt;
OriginalTLSTableSize : LongInt;
StrippedLoadConfig : boolean;
DontFixLoadConfig : boolean;
OriginalLoadConfigTableAddress : LongInt;
OriginalLoadConfigTableSize : LongInt;
StrippedBoundImports : boolean;
DontFixBoundImports : boolean;
OriginalBoundImportTableAddress : LongInt;
OriginalBoundImportTableSize : LongInt;
StrippedIAT : boolean;
DontFixIAT : boolean;
OriginalImportAddressTableAddress : LongInt;
OriginalImportAddressTableSize : LongInt;
StrippedCOM : boolean;
DontFixCOM : boolean;
OriginalCOMTableAddress : LongInt;
OriginalCOMTableSize : LongInt;
end;
ImportEnumData = ^IMPORT_ENUM_DATA;
IMPORT_ENUM_DATA = packed record
NewDll : boolean;
NumberOfImports : LongInt;
ImageBase : LongInt;
BaseImportThunk : LongInt;
ImportThunk : LongInt;
APIName : PAnsiChar;
DLLName : PAnsiChar;
end;
ThreadItemData = ^THREAD_ITEM_DATA;
THREAD_ITEM_DATA = packed record
hThread : THandle;
dwThreadId : LongInt;
ThreadStartAddress : LongInt;
ThreadLocalBase : LongInt;
end;
LibraryItemData = ^LIBRARY_ITEM_DATA;
LIBRARY_ITEM_DATA = packed record
hFile : THandle;
BaseOfDll : Pointer;
hFileMapping : THandle;
hFileMappingView : Pointer;
szLibraryPath:array[1..260] of AnsiChar;
szLibraryName:array[1..260] of AnsiChar;
end;
ProcessItemData = ^PROCESS_ITEM_DATA;
PROCESS_ITEM_DATA = packed record
hProcess : THandle;
dwProcessId : LongInt;
hThread : THandle;
dwThreadId : LongInt;
hFile : THandle;
BaseOfImage : Pointer;
ThreadStartAddress : Pointer;
ThreadLocalBase : Pointer;
end;
HandlerArray = ^HANDLER_ARRAY;
HANDLER_ARRAY = packed record
ProcessId : LongInt;
hHandle : THandle;
end;
HookEntry = ^HOOK_ENTRY;
HOOK_ENTRY = packed record
IATHook : boolean;
HookType : BYTE;
HookSize : LongInt;
HookAddress : Pointer;
RedirectionAddress : Pointer;
HookBytes:array[1..14] of BYTE;
OriginalBytes:array[1..14] of BYTE;
IATHookModuleBase : Pointer;
IATHookNameHash : LongInt;
HookIsEnabled : boolean;
HookIsRemote : boolean;
PatchedEntry : Pointer;
RelocationInfo:array[1..7] of LongInt;
RelocationCount : LongInt;
end;
PluginInformation = ^PLUGIN_INFORMATION;
PLUGIN_INFORMATION = packed record
PluginName:array[1..64] of AnsiChar;
PluginMajorVersion : LongInt;
PluginMinorVersion : LongInt;
PluginBaseAddress : LongInt;
TitanDebuggingCallBack : Pointer;
TitanRegisterPlugin : Pointer;
TitanReleasePlugin : Pointer;
TitanResetPlugin : Pointer;
PluginDisabled : boolean;
end;
const
{Registers}
UE_EAX = 1;
UE_EBX = 2;
UE_ECX = 3;
UE_EDX = 4;
UE_EDI = 5;
UE_ESI = 6;
UE_EBP = 7;
UE_ESP = 8;
UE_EIP = 9;
UE_EFLAGS = 10;
UE_DR0 = 11;
UE_DR1 = 12;
UE_DR2 = 13;
UE_DR3 = 14;
UE_DR6 = 15;
UE_DR7 = 16;
UE_CIP = 35;
UE_CSP = 36;
UE_SEG_GS = 37;
UE_SEG_FS = 38;
UE_SEG_ES = 39;
UE_SEG_DS = 40;
UE_SEG_CS = 41;
UE_SEG_SS = 42;
{Constants}
UE_PE_OFFSET = 0;
UE_IMAGEBASE = 1;
UE_OEP = 2;
UE_SIZEOFIMAGE = 3;
UE_SIZEOFHEADERS = 4;
UE_SIZEOFOPTIONALHEADER = 5;
UE_SECTIONALIGNMENT = 6;
UE_IMPORTTABLEADDRESS = 7;
UE_IMPORTTABLESIZE = 8;
UE_RESOURCETABLEADDRESS = 9;
UE_RESOURCETABLESIZE = 10;
UE_EXPORTTABLEADDRESS = 11;
UE_EXPORTTABLESIZE = 12;
UE_TLSTABLEADDRESS = 13;
UE_TLSTABLESIZE = 14;
UE_RELOCATIONTABLEADDRESS = 15;
UE_RELOCATIONTABLESIZE = 16;
UE_TIMEDATESTAMP = 17;
UE_SECTIONNUMBER = 18;
UE_CHECKSUM = 19;
UE_SUBSYSTEM = 20;
UE_CHARACTERISTICS = 21;
UE_NUMBEROFRVAANDSIZES = 22;
UE_SECTIONNAME = 23;
UE_SECTIONVIRTUALOFFSET = 24;
UE_SECTIONVIRTUALSIZE = 25;
UE_SECTIONRAWOFFSET = 26;
UE_SECTIONRAWSIZE = 27;
UE_SECTIONFLAGS = 28;
UE_CH_BREAKPOINT = 1;
UE_CH_SINGLESTEP = 2;
UE_CH_ACCESSVIOLATION = 3;
UE_CH_ILLEGALINSTRUCTION = 4;
UE_CH_NONCONTINUABLEEXCEPTION = 5;
UE_CH_ARRAYBOUNDSEXCEPTION = 6;
UE_CH_FLOATDENORMALOPERAND = 7;
UE_CH_FLOATDEVIDEBYZERO = 8;
UE_CH_INTEGERDEVIDEBYZERO = 9;
UE_CH_INTEGEROVERFLOW = 10;
UE_CH_PRIVILEGEDINSTRUCTION = 11;
UE_CH_PAGEGUARD = 12;
UE_CH_EVERYTHINGELSE = 13;
UE_CH_CREATETHREAD = 14;
UE_CH_EXITTHREAD = 15;
UE_CH_CREATEPROCESS = 16;
UE_CH_EXITPROCESS = 17;
UE_CH_LOADDLL = 18;
UE_CH_UNLOADDLL = 19;
UE_CH_OUTPUTDEBUGSTRING = 20;
UE_CH_AFTEREXCEPTIONPROCESSING = 21;
UE_CH_SYSTEMBREAKPOINT = 23;
UE_CH_UNHANDLEDEXCEPTION = 24;
UE_CH_RIPEVENT = 25;
UE_CH_DEBUGEVENT = 26;
UE_FUNCTION_STDCALL = 1;
UE_FUNCTION_CCALL = 2;
UE_FUNCTION_FASTCALL = 3;
UE_FUNCTION_STDCALL_RET = 4;
UE_FUNCTION_CCALL_RET = 5;
UE_FUNCTION_FASTCALL_RET = 6;
UE_FUNCTION_STDCALL_CALL = 7;
UE_FUNCTION_CCALL_CALL = 8;
UE_FUNCTION_FASTCALL_CALL = 9;
UE_PARAMETER_BYTE = 0;
UE_PARAMETER_WORD = 1;
UE_PARAMETER_DWORD = 2;
UE_PARAMETER_QWORD = 3;
UE_PARAMETER_PTR_BYTE = 4;
UE_PARAMETER_PTR_WORD = 5;
UE_PARAMETER_PTR_DWORD = 6;
UE_PARAMETER_PTR_QWORD = 7;
UE_PARAMETER_STRING = 8;
UE_PARAMETER_UNICODE = 9;
UE_BREAKPOINT_INT3 = 1;
UE_BREAKPOINT_LONG_INT3 = 2;
UE_BREAKPOINT_UD2 = 3;
UE_BPXREMOVED = 0;
UE_BPXACTIVE = 1;
UE_BPXINACTIVE = 2;
UE_BREAKPOINT = 0;
UE_SINGLESHOOT = 1;
UE_HARDWARE = 2;
UE_MEMORY = 3;
UE_MEMORY_READ = 4;
UE_MEMORY_WRITE = 5;
UE_MEMORY_EXECUTE = 6;
UE_BREAKPOINT_TYPE_INT3 = $10000000;
UE_BREAKPOINT_TYPE_LONG_INT3 = $20000000;
UE_BREAKPOINT_TYPE_UD2 = $30000000;
UE_HARDWARE_EXECUTE = 4;
UE_HARDWARE_WRITE = 5;
UE_HARDWARE_READWRITE = 6;
UE_HARDWARE_SIZE_1 = 7;
UE_HARDWARE_SIZE_2 = 8;
UE_HARDWARE_SIZE_4 = 9;
UE_ON_LIB_LOAD = 1;
UE_ON_LIB_UNLOAD = 2;
UE_ON_LIB_ALL = 3;
UE_APISTART = 0;
UE_APIEND = 1;
UE_PLATFORM_x86 = 1;
UE_PLATFORM_x64 = 2;
UE_PLATFORM_ALL = 3;
UE_ACCESS_READ = 0;
UE_ACCESS_WRITE = 1;
UE_ACCESS_ALL = 2;
UE_HIDE_BASIC = 1;
UE_ENGINE_ALOW_MODULE_LOADING = 1;
UE_ENGINE_AUTOFIX_FORWARDERS = 2;
UE_ENGINE_PASS_ALL_EXCEPTIONS = 3;
UE_ENGINE_NO_CONSOLE_WINDOW = 4;
UE_ENGINE_BACKUP_FOR_CRITICAL_FUNCTIONS = 5;
UE_ENGINE_CALL_PLUGIN_CALLBACK = 6;
UE_ENGINE_RESET_CUSTOM_HANDLER = 7;
UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK = 8;
UE_ENGINE_SET_DEBUG_PRIVILEGE = 9;
UE_ENGINE_SAFE_ATTACH = 10;
UE_OPTION_REMOVEALL = 1;
UE_OPTION_DISABLEALL = 2;
UE_OPTION_REMOVEALLDISABLED = 3;
UE_OPTION_REMOVEALLENABLED = 4;
UE_STATIC_DECRYPTOR_XOR = 1;
UE_STATIC_DECRYPTOR_SUB = 2;
UE_STATIC_DECRYPTOR_ADD = 3;
UE_STATIC_DECRYPTOR_FOREWARD = 1;
UE_STATIC_DECRYPTOR_BACKWARD = 2;
UE_STATIC_KEY_SIZE_1 = 1;
UE_STATIC_KEY_SIZE_2 = 2;
UE_STATIC_KEY_SIZE_4 = 4;
UE_STATIC_KEY_SIZE_8 = 8;
UE_STATIC_APLIB = 1;
UE_STATIC_APLIB_DEPACK = 2;
UE_STATIC_LZMA = 3;
UE_STATIC_HASH_MD5 = 1;
UE_STATIC_HASH_SHA1 = 2;
UE_STATIC_HASH_CRC32 = 3;
UE_RESOURCE_LANGUAGE_ANY = -1;
UE_DEPTH_SURFACE = 0;
UE_DEPTH_DEEP = 1;
UE_UNPACKER_CONDITION_SEARCH_FROM_EP = 1;
UE_UNPACKER_CONDITION_LOADLIBRARY = 1;
UE_UNPACKER_CONDITION_GETPROCADDRESS = 2;
UE_UNPACKER_CONDITION_ENTRYPOINTBREAK = 3;
UE_UNPACKER_CONDITION_RELOCSNAPSHOT1 = 4;
UE_UNPACKER_CONDITION_RELOCSNAPSHOT2 = 5;
UE_FIELD_OK = 0;
UE_FIELD_BROKEN_NON_FIXABLE = 1;
UE_FIELD_BROKEN_NON_CRITICAL = 2;
UE_FIELD_BROKEN_FIXABLE_FOR_STATIC_USE = 3;
UE_FIELD_BROKEN_BUT_CAN_BE_EMULATED = 4;
UE_FIELD_FIXABLE_NON_CRITICAL = 5;
UE_FILED_FIXABLE_CRITICAL = 6;
UE_FIELD_NOT_PRESET = 7;
UE_FIELD_NOT_PRESET_WARNING = 8;
UE_RESULT_FILE_OK = 10;
UE_RESULT_FILE_INVALID_BUT_FIXABLE = 11;
UE_RESULT_FILE_INVALID_AND_NON_FIXABLE = 12;
UE_RESULT_FILE_INVALID_FORMAT = 13;
UE_PLUGIN_CALL_REASON_PREDEBUG = 1;
UE_PLUGIN_CALL_REASON_EXCEPTION = 2;
UE_PLUGIN_CALL_REASON_POSTDEBUG = 3;
TEE_HOOK_NRM_JUMP = 1;
TEE_HOOK_NRM_CALL = 3;
TEE_HOOK_IAT = 5;
{TitanEngine.Dumper.functions}
function DumpProcess(hProcess:THandle; ImageBase:LongInt; szDumpFileName:PAnsiChar; EntryPoint:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DumpProcess';
function DumpProcessEx(ProcessId:LongInt; ImageBase:LongInt; szDumpFileName:PAnsiChar; EntryPoint:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DumpProcessEx';
function DumpMemory(hProcess:THandle; MemoryStart,MemorySize:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpMemory';
function DumpMemoryEx(ProcessId:LongInt; MemoryStart,MemorySize:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpMemoryEx';
function DumpRegions(hProcess:THandle; szDumpFolder:PAnsiChar; DumpAboveImageBaseOnly:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'DumpRegions';
function DumpRegionsEx(ProcessId:LongInt; szDumpFolder:PAnsiChar; DumpAboveImageBaseOnly:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'DumpRegionsEx';
function DumpModule(hProcess:THandle; ModuleBase:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpModule';
function DumpModuleEx(ProcessId:LongInt; ModuleBase:LongInt; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DumpModuleEx';
function PastePEHeader(hProcess:THandle; ImageBase:LongInt; szDebuggedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'PastePEHeader';
function ExtractSection(szFileName,szDumpFileName:PAnsiChar; SectionNumber:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExtractSection';
function ResortFileSections(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ResortFileSections';
function FindOverlay(szFileName:PAnsiChar; OverlayStart,OverlaySize:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'FindOverlay';
function ExtractOverlay(szFileName,szExtactedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtractOverlay';
function AddOverlay(szFileName,szOverlayFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'AddOverlay';
function CopyOverlay(szInFileName,szOutFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'CopyOverlay';
function RemoveOverlay(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'RemoveOverlay';
function MakeAllSectionsRWE(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'MakeAllSectionsRWE';
function AddNewSectionEx(szFileName,szSectionName:PAnsiChar; SectionSize,SectionAttributes:LongInt; SectionContent:Pointer; ContentSize:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'AddNewSectionEx';
function AddNewSection(szFileName,szSectionName:PAnsiChar; SectionSize:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'AddNewSection';
function ResizeLastSection(szFileName:PAnsiChar; NumberOfExpandBytes:LongInt; AlignResizeData:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'ResizeLastSection';
procedure SetSharedOverlay(szFileName:PAnsiChar); stdcall; external 'TitanEngine.dll' name 'SetSharedOverlay';
function GetSharedOverlay():PAnsiChar; stdcall; external 'TitanEngine.dll' name 'GetSharedOverlay';
function DeleteLastSection(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteLastSection';
function DeleteLastSectionEx(szFileName:PAnsiChar; NumberOfSections:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteLastSectionEx';
function GetPE32DataFromMappedFile(FileMapVA,WhichSection,WhichData:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPE32DataFromMappedFile';
function GetPE32Data(szFileName:PAnsiChar; WhichSection,WhichData:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPE32Data';
function GetPE32DataFromMappedFileEx(FileMapVA:LongInt; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'GetPE32DataFromMappedFileEx';
function GetPE32DataEx(szFileName:PAnsiChar; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'GetPE32DataEx';
function SetPE32DataForMappedFile(FileMapVA,WhichSection,WhichData,NewDataValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32DataForMappedFile';
function SetPE32Data(szFileName:PAnsiChar; WhichSection,WhichData,NewDataValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32Data';
function SetPE32DataForMappedFileEx(szFileName:PAnsiChar; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32DataForMappedFileEx';
function SetPE32DataEx(szFileName:PAnsiChar; DataStorage:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetPE32DataEx';
function GetPE32SectionNumberFromVA(FileMapVA,AddressToConvert:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPE32SectionNumberFromVA';
function ConvertVAtoFileOffset(FileMapVA,AddressToConvert:LongInt; ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertVAtoFileOffset';
function ConvertVAtoFileOffsetEx(FileMapVA,FileSize,ImageBase,AddressToConvert:LongInt; AddressIsRVA,ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertVAtoFileOffsetEx';
function ConvertFileOffsetToVA(FileMapVA,AddressToConvert:LongInt; ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertFileOffsetToVA';
function ConvertFileOffsetToVAEx(FileMapVA,FileSize,ImageBase,AddressToConvert:LongInt; ReturnType:boolean):LongInt; stdcall; external 'TitanEngine.dll' name 'ConvertFileOffsetToVAEx';
{TitanEngine.Realigner.functions}
function FixHeaderCheckSum(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'FixHeaderCheckSum';
function RealignPE(FileMapVA,FileSize,RealingMode:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'RealignPE';
function RealignPEEx(szFileName:PAnsiChar; RealingFileSize,ForcedFileAlignment:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'RealignPEEx';
function WipeSection(szFileName:PAnsiChar; WipeSectionNumber:LongInt; RemovePhysically:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'WipeSection';
function IsPE32FileValidEx(szFileName:PAnsiChar; CheckDepth:LongInt; FileStatusInfo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'IsPE32FileValidEx';
function FixBrokenPE32FileEx(szFileName:PAnsiChar; FileStatusInfo,FileFixInfo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'FixBrokenPE32FileEx';
function IsFileDLL(szFileName:PAnsiChar; FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'IsFileDLL';
{TitanEngine.Hider.functions}
function GetPEBLocation(hProcess:THandle):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPEBLocation';
function GetPEBLocation64(hProcess:THandle):LongInt; stdcall; external 'TitanEngine.dll' name 'GetPEBLocation64';
function HideDebugger(hProcess:THandle; PatchAPILevel:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HideDebugger';
function UnHideDebugger(hProcess:THandle; PatchAPILevel:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'UnHideDebugger';
{TitanEngine.Relocater.functions}
procedure RelocaterCleanup(); stdcall; external 'TitanEngine.dll' name 'RelocaterCleanup';
procedure RelocaterInit(MemorySize,OldImageBase,NewImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'RelocaterInit';
procedure RelocaterAddNewRelocation(hProcess:THandle; RelocateAddress,RelocateState:LongInt); stdcall; external 'TitanEngine.dll' name 'RelocaterAddNewRelocation';
function RelocaterEstimatedSize():LongInt; stdcall; external 'TitanEngine.dll' name 'RelocaterEstimatedSize';
function RelocaterExportRelocation(StorePlace,StorePlaceRVA,FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterExportRelocation';
function RelocaterExportRelocationEx(szFileName,szSectionName:PAnsiChar; StorePlace,StorePlaceRVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterExportRelocationEx';
function RelocaterGrabRelocationTable(hProcess:THandle; MemoryStart,MemorySize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterGrabRelocationTable';
function RelocaterGrabRelocationTableEx(hProcess:THandle; MemoryStart,MemorySize,NtSizeOfImage:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterGrabRelocationTableEx';
function RelocaterMakeSnapshot(hProcess:THandle; szSaveFileName:PAnsiChar; MemoryStart,MemorySize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterMakeSnapshot';
function RelocaterCompareTwoSnapshots(hProcess:THandle; LoadedImageBase,NtSizeOfImage:LongInt; szDumpFile1,szDumpFile2:PAnsiChar; MemStart:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterCompareTwoSnapshots';
function RelocaterChangeFileBase(szFileName:PAnsiChar; NewImageBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterChangeFileBase';
function RelocaterRelocateMemoryBlock(FileMapVA,MemoryLocation:LongInt; RelocateMemory:Pointer; RelocateMemorySize,CurrentLoadedBase,RelocateBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterRelocateMemoryBlock';
function RelocaterWipeRelocationTable(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'RelocaterWipeRelocationTable';
{TitanEngine.Resourcer.functions}
function ResourcerLoadFileForResourceUse(szFileName:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'ResourcerLoadFileForResourceUse';
function ResourcerFreeLoadedFile(LoadedFileBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerFreeLoadedFile';
function ResourcerExtractResourceFromFileEx(FileMapVA:LongInt; szResourceType,szResourceName,szExtractedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerExtractResourceFromFileEx';
function ResourcerExtractResourceFromFile(szFileName,szResourceType,szResourceName,szExtractedFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerExtractResourceFromFile';
function ResourcerFindResource(szFileName,szResourceType:PAnsiChar; ResourceType:LongInt; szResourceName:PAnsiChar; ResourceName,ResourceLanguage:LongInt; pResourceData,pResourceSize:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerFindResource';
function ResourcerFindResourceEx(FileMapVA,FileSize:LongInt; szResourceType:PAnsiChar; ResourceType:LongInt; szResourceName:PAnsiChar; ResourceName,ResourceLanguage:LongInt; pResourceData,pResourceSize:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'ResourcerFindResourceEx';
procedure ResourcerEnumerateResource(szFileName:PAnsiChar; CallBack:LongInt); stdcall; external 'TitanEngine.dll' name 'ResourcerEnumerateResource';
procedure ResourcerEnumerateResourceEx(FileMapVA,FileSize:LongInt; CallBack:LongInt); stdcall; external 'TitanEngine.dll' name 'ResourcerEnumerateResourceEx';
{TitanEngine.FindOEP.functions}
procedure FindOEPInit(); stdcall; external 'TitanEngine.dll' name 'FindOEPInit';
procedure FindOEPGenerically(szFileName:PAnsiChar; TraceInitCallBack,CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'FindOEPGenerically';
{TitanEngine.Threader.functions}
function ThreaderImportRunningThreadData(ProcessId:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderImportRunningThreadData';
function ThreaderGetThreadInfo(hThread:THandle; ThreadId:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'ThreaderGetThreadInfo';
procedure ThreaderEnumThreadInfo(EnumCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'ThreaderGetThreadInfo';
function ThreaderPauseThread(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderPauseThread';
function ThreaderResumeThread(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderResumeThread';
function ThreaderTerminateThread(hThread:THandle; ThreadExitCode:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderTerminateThread';
function ThreaderPauseAllThreads(LeaveMainRunning:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderPauseAllThreads';
function ThreaderResumeAllThreads(LeaveMainPaused:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderResumeAllThreads';
function ThreaderPauseProcess():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderPauseProcess';
function ThreaderResumeProcess():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderResumeProcess';
function ThreaderCreateRemoteThread(ThreadStartAddress:LongInt; AutoCloseTheHandle:boolean; ThreadPassParameter,ThreadId:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'ThreaderCreateRemoteThread';
function ThreaderInjectAndExecuteCode(InjectCode:Pointer; StartDelta,InjectSize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderInjectAndExecuteCode';
function ThreaderCreateRemoteThreadEx(hProcess:THandle; ThreadStartAddress:LongInt; AutoCloseTheHandle:boolean; ThreadPassParameter,ThreadId:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'ThreaderCreateRemoteThreadEx';
function ThreaderInjectAndExecuteCodeEx(hProcess:THandle; InjectCode:Pointer; StartDelta,InjectSize:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderInjectAndExecuteCodeEx';
procedure ThreaderSetCallBackForNextExitThreadEvent(exitThreadCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'ThreaderSetCallBackForNextExitThreadEvent';
function ThreaderIsThreadStillRunning(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsThreadStillRunning';
function ThreaderIsThreadActive(hThread:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsThreadActive';
function ThreaderIsAnyThreadActive():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsAnyThreadActive';
function ThreaderExecuteOnlyInjectedThreads():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderExecuteOnlyInjectedThreads';
function ThreaderGetOpenHandleForThread(ThreadId:LongInt):THandle; stdcall; external 'TitanEngine.dll' name 'ThreaderGetOpenHandleForThread';
function ThreaderIsExceptionInMainThread():boolean; stdcall; external 'TitanEngine.dll' name 'ThreaderIsExceptionInMainThread';
{TitanEngine.Debugger.functions}
function StaticDisassembleEx(DisassmStart:LongInt; DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'StaticDisassembleEx';
function StaticDisassemble(DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'StaticDisassemble';
function DisassembleEx(hProcess:THandle; DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'DisassembleEx';
function Disassemble(DisassmAddress:Pointer):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'Disassemble';
function StaticLengthDisassemble(DisassmAddress:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'StaticLengthDisassemble';
function LengthDisassembleEx(hProcess:THandle; DisassmAddress:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'LengthDisassembleEx';
function LengthDisassemble(DisassmAddress:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'LengthDisassemble';
function InitDebug(szFileName,szCommandLine,szCurrentFolder:PAnsiChar): Pointer; stdcall; external 'TitanEngine.dll' name 'InitDebug';
function InitNativeDebug(szFileName,szCommandLine,szCurrentFolder:PAnsiChar): Pointer; stdcall; external 'TitanEngine.dll' name 'InitNonWin32Debug';
function InitDebugEx(szFileName,szCommandLine,szCurrentFolder:PAnsiChar; EntryCallBack:Pointer): Pointer; stdcall; external 'TitanEngine.dll' name 'InitDebugEx';
function InitDLLDebug(szFileName:PAnsiChar; ReserveModuleBase:boolean; szCommandLine,szCurrentFolder:PAnsiChar; EntryCallBack:Pointer): Pointer; stdcall; external 'TitanEngine.dll' name 'InitDLLDebug';
function StopDebug(): Boolean; stdcall; external 'TitanEngine.dll' name 'StopDebug';
procedure SetBPXOptions(DefaultBreakPointType:LongInt); stdcall; external 'TitanEngine.dll' name 'SetBPXOptions';
function IsBPXEnabled(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'IsBPXEnabled';
function EnableBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'EnableBPX';
function DisableBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'DisableBPX';
function SetBPX(bpxAddress,bpxType:LongInt; bpxCallBack:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'SetBPX';
function DeleteBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'DeleteBPX';
function SafeDeleteBPX(bpxAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'SafeDeleteBPX';
function SetAPIBreakPoint(szDLLName,szAPIName:PAnsiChar; bpxType,bpxPlace:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetAPIBreakPoint';
function DeleteAPIBreakPoint(szDLLName,szAPIName:PAnsiChar; bpxPlace:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteAPIBreakPoint';
function SafeDeleteAPIBreakPoint(szDLLName,szAPIName:PAnsiChar; bpxPlace:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SafeDeleteAPIBreakPoint';
function SetMemoryBPX(MemoryStart,SizeOfMemory:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetMemoryBPX';
function SetMemoryBPXEx(MemoryStart,SizeOfMemory,BreakPointType:LongInt; RestoreOnHit:boolean; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetMemoryBPXEx';
function RemoveMemoryBPX(MemoryStart,SizeOfMemory:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RemoveMemoryBPX';
function GetContextFPUDataEx(hActiveThread:THandle; FPUSaveArea:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'GetContextFPUDataEx';
function GetContextDataEx(hActiveThread:THandle; IndexOfRegister:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetContextDataEx';
function GetContextData(IndexOfRegister:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetContextData';
function SetContextFPUDataEx(hActiveThread:THandle; FPUSaveArea:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'SetContextFPUDataEx';
function SetContextDataEx(hActiveThread:THandle; IndexOfRegister,NewRegisterValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetContextDataEx';
function SetContextData(IndexOfRegister,NewRegisterValue:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'SetContextData';
procedure ClearExceptionNumber(); stdcall; external 'TitanEngine.dll' name 'ClearExceptionNumber';
function CurrentExceptionNumber(): LongInt; stdcall; external 'TitanEngine.dll' name 'CurrentExceptionNumber';
function MatchPatternEx(hProcess:THandle; MemoryToCheck,SizeOfMemoryToCheck:LongInt; PatternToMatch:Pointer; SizeOfPatternToMatch:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'MatchPatternEx';
function MatchPattern(MemoryToCheck,SizeOfMemoryToCheck:LongInt; PatternToMatch:Pointer; SizeOfPatternToMatch:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'MatchPattern';
function FindEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize:LongInt; WildCard:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'FindEx';
function Find(MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize:LongInt; WildCard:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'Find';
function FillEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; FillByte:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'FillEx';
function Fill(MemoryStart,MemorySize:LongInt; FillByte:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'Fill';
function PatchEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; AppendNOP,PrependNOP:boolean): boolean; stdcall; external 'TitanEngine.dll' name 'PatchEx';
function Patch(MemoryStart,MemorySize:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; AppendNOP,PrependNOP:boolean): boolean; stdcall; external 'TitanEngine.dll' name 'Patch';
function ReplaceEx(hProcess:THandle; MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize,NumberOfRepetitions:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'ReplaceEx';
function Replace(MemoryStart,MemorySize:LongInt; SearchPattern:Pointer; PatternSize,NumberOfRepetitions:LongInt; ReplacePattern:Pointer; ReplaceSize:LongInt; WildCard:Pointer): boolean; stdcall; external 'TitanEngine.dll' name 'Replace';
function GetDebugData(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetDebugData';
function GetTerminationData(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetTerminationData';
function GetExitCode():LongInt; stdcall; external 'TitanEngine.dll' name 'GetExitCode';
function GetDebuggedDLLBaseAddress(): LongInt; stdcall; external 'TitanEngine.dll' name 'GetDebuggedDLLBaseAddress';
function GetDebuggedFileBaseAddress(): LongInt; stdcall; external 'TitanEngine.dll' name 'GetDebuggedFileBaseAddress';
function GetRemoteString(hProcess:THandle; StringAddress:LongInt; StringStorage:Pointer; MaximumStringSize:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetRemoteString';
function GetFunctionParameter(hProcess:THandle; FunctionType,ParameterNumber,ParameterType:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'GetFunctionParameter';
function GetJumpDestinationEx(hProcess:THandle; InstructionAddress:LongInt; JustJumps:boolean): LongInt; stdcall; external 'TitanEngine.dll' name 'GetJumpDestinationEx';
function GetJumpDestination(hProcess:THandle; InstructionAddress:LongInt; JustJumps:boolean): LongInt; stdcall; external 'TitanEngine.dll' name 'GetJumpDestination';
function IsJumpGoingToExecuteEx(hProcess,hThread:THandle; InstructionAddress,RegFlags:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'IsJumpGoingToExecuteEx';
function IsJumpGoingToExecute(): boolean; stdcall; external 'TitanEngine.dll' name 'IsJumpGoingToExecute';
procedure SetCustomHandler(WhichException:LongInt; CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'SetCustomHandler';
procedure ForceClose(); stdcall; external 'TitanEngine.dll' name 'ForceClose';
procedure StepInto(traceCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StepInto';
procedure StepOver(traceCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StepOver';
procedure SingleStep(StepCount:LongInt; StepCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'SingleStep';
function GetUnusedHardwareBreakPointRegister(RegisterIndex:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'GetUnusedHardwareBreakPointRegister';
function SetHardwareBreakPointEx(hActiveThread:THandle; bpxAddress,IndexOfRegister,bpxType,bpxSize:LongInt; bpxCallBack,IndexOfSelectedRegister:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetHardwareBreakPointEx';
function SetHardwareBreakPoint(bpxAddress,IndexOfRegister,bpxType,bpxSize:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'SetHardwareBreakPoint';
function DeleteHardwareBreakPoint(IndexOfRegister:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'DeleteHardwareBreakPoint';
function RemoveAllBreakPoints(RemoveOption:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RemoveAllBreakPoints';
function GetProcessInformation(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetProcessInformation';
function GetStartupInformation(): Pointer; stdcall; external 'TitanEngine.dll' name 'GetStartupInformation';
procedure DebugLoop(); stdcall; external 'TitanEngine.dll' name 'DebugLoop';
procedure SetDebugLoopTimeOut(TimeOut:LongInt); stdcall; external 'TitanEngine.dll' name 'SetDebugLoopTimeOut';
procedure SetNextDbgContinueStatus(SetDbgCode:LongInt); stdcall; external 'TitanEngine.dll' name 'SetNextDbgContinueStatus';
function AttachDebugger(ProcessId:LongInt; KillOnExit:Boolean; DebugInfo,CallBack:Pointer): Pointer; stdcall; external 'TitanEngine.dll' name 'AttachDebugger';
function DetachDebugger(ProcessId:LongInt): Pointer; stdcall; external 'TitanEngine.dll' name 'DetachDebugger';
function DetachDebuggerEx(ProcessId:LongInt): Pointer; stdcall; external 'TitanEngine.dll' name 'DetachDebuggerEx';
function DebugLoopEx(TimeOut:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'DebugLoopEx';
procedure AutoDebugEx(szFileName:PAnsiChar; ReserveModuleBase:boolean; szCommandLine,szCurrentFolder:PAnsiChar; TimeOut:LongInt; EntryCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'AutoDebugEx';
function IsFileBeingDebugged(): boolean; stdcall; external 'TitanEngine.dll' name 'IsFileBeingDebugged';
procedure SetErrorModel(DisplayErrorMessages:boolean); stdcall; external 'TitanEngine.dll' name 'SetErrorModel';
{TitanEngine.Importer.functions}
procedure ImporterCleanup(); stdcall; external 'TitanEngine.dll' name 'ImporterCleanup';
procedure ImporterSetImageBase(ImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterSetImageBase';
procedure ImporterSetUnknownDelta(DeltaAddress:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterSetUnknownDelta';
function ImporterGetCurrentDelta():LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetCurrentDelta';
procedure ImporterInit(MemorySize,ImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterInit';
procedure ImporterAddNewDll(DLLName:PAnsiChar; FirstThunk:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterAddNewDll';
procedure ImporterAddNewAPI(APIName:PAnsiChar; FirstThunk:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterAddNewAPI';
procedure ImporterAddNewOrdinalAPI(dwAPIName,FirstThunk:LongInt); stdcall; external 'TitanEngine.dll' name 'ImporterAddNewAPI';
function ImporterGetAddedDllCount(): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAddedDllCount';
function ImporterGetAddedAPICount(): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAddedAPICount';
function ImporterGetLastAddedDLLName(): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetLastAddedDLLName';
procedure ImporterMoveIAT(); stdcall; external 'TitanEngine.dll' name 'ImporterMoveIAT';
function ImporterExportIAT(StorePlace,FileMap:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ImporterExportIAT';
function ImporterEstimatedSize(): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterEstimatedSize';
function ImporterExportIATEx(szExportFileName,szSectionName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ImporterExportIATEx';
function ImporterFindAPIWriteLocation(szAPIName:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindAPIWriteLocation';
function ImporterFindOrdinalAPIWriteLocation(OrdinalNumber:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindOrdinalAPIWriteLocation';
function ImporterFindAPIByWriteLocation(APIWriteLocation:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindAPIByWriteLocation';
function ImporterFindDLLByWriteLocation(APIWriteLocation:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterFindDLLByWriteLocation';
function ImporterGetDLLName(APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLName';
function ImporterGetAPIName(APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPIName';
function ImporterGetAPIOrdinalNumber(APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPIOrdinalNumber';
function ImporterGetAPINameEx(APIAddress:LongInt; pDLLBases:Pointer): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPINameEx';
function ImporterGetRemoteAPIAddress(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetRemoteAPIAddress';
function ImporterGetRemoteAPIAddressEx(szDLLName,szAPIName:PAnsiChar): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetRemoteAPIAddressEx';
function ImporterGetLocalAPIAddress(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetLocalAPIAddress';
function ImporterGetDLLNameFromDebugee(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLNameFromDebugee';
function ImporterGetAPINameFromDebugee(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPINameFromDebugee';
function ImporterGetAPIOrdinalNumberFromDebugee(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetAPIOrdinalNumberFromDebugee';
function ImporterGetDLLIndexEx(APIAddress:LongInt; pDLLBases:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLIndexEx';
function ImporterGetDLLIndex(hProcess:THandle; APIAddress:LongInt; pDLLBases:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetDLLIndex';
function ImporterGetRemoteDLLBase(hProcess:THandle; LocalModuleBase:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetRemoteDLLBase';
function ImporterRelocateWriteLocation(AddValue:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterRelocateWriteLocation';
function ImporterIsForwardedAPI(hProcess:THandle; APIAddress:LongInt): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterIsForwardedAPI';
function ImporterGetForwardedAPIName(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedAPIName';
function ImporterGetForwardedDLLName(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedDLLName';
function ImporterGetForwardedDLLIndex(hProcess:THandle; APIAddress:LongInt; pDLLBases:Pointer): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedDLLIndex';
function ImporterGetForwardedAPIOrdinalNumber(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetForwardedAPIOrdinalNumber';
function ImporterGetNearestAPIAddress(hProcess:THandle; APIAddress:LongInt): LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterGetNearestAPIAddress';
function ImporterGetNearestAPIName(hProcess:THandle; APIAddress:LongInt): PAnsiChar; stdcall; external 'TitanEngine.dll' name 'ImporterGetNearestAPIName';
function ImporterCopyOriginalIAT(szOriginalFile,szDumpFile:PAnsiChar): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterCopyOriginalIAT';
function ImporterLoadImportTable(szFileName:PAnsiChar): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterLoadImportTable';
function ImporterMoveOriginalIAT(szOriginalFile,szDumpFile,szSectionName:PAnsiChar): boolean; stdcall; external 'TitanEngine.dll' name 'ImporterMoveOriginalIAT';
procedure ImporterAutoSearchIAT(pFileName:PAnsiChar;ImageBase,SearchStart,SearchSize:LongInt;pIATStart,pIATSize:Pointer); stdcall; external 'TitanEngine.dll' name 'ImporterAutoSearchIAT';
procedure ImporterAutoSearchIATEx(hProcess:LongInt;ImageBase,SearchStart,SearchSize:LongInt;pIATStart,pIATSize:Pointer); stdcall; external 'TitanEngine.dll' name 'ImporterAutoSearchIATEx';
procedure ImporterEnumAddedData(EnumCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'ImporterEnumAddedData';
function ImporterAutoFixIAT(hProcess:LongInt;pFileName:PAnsiChar;ImageBase,SearchStart,SearchSize,SearchStep:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterAutoFixIAT';
function ImporterAutoFixIATEx(hProcess:LongInt;pFileName,szSectionName:PAnsiChar;DumpRunningProcess,RealignFile:boolean;EntryPointAddress,ImageBase,SearchStart,SearchSize,SearchStep:LongInt;TryAutoFix,FixEliminations:boolean;UnknownPointerFixCallback:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'ImporterAutoFixIATEx';
{TitanEngine.Hooks.functions}
function HooksSafeTransitionEx(HookAddressArray:Pointer; NumberOfHooks:LongInt; TransitionStart:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksSafeTransitionEx';
function HooksSafeTransition(HookAddressArray:Pointer; TransitionStart:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksSafeTransition';
function HooksIsAddressRedirected(HookAddressArray:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'HooksIsAddressRedirected';
function HooksGetTrampolineAddress(HookAddressArray:Pointer):Pointer; stdcall; external 'TitanEngine.dll' name 'HooksGetTrampolineAddress';
function HooksGetHookEntryDetails(HookAddressArray:Pointer):Pointer; stdcall; external 'TitanEngine.dll' name 'HooksGetHookEntryDetails';
function HooksInsertNewRedirection(HookAddressArray,RedirectTo:Pointer; HookType:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksInsertNewRedirection';
function HooksInsertNewIATRedirectionEx(FileMapVA,LoadedModuleBase:LongInt; szHookFunction:PAnsiChar; RedirectTo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'HooksInsertNewIATRedirectionEx';
function HooksInsertNewIATRedirection(szModuleName,szHookFunction:PAnsiChar; RedirectTo:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'HooksInsertNewIATRedirection';
function HooksRemoveRedirection(HookAddressArray:Pointer; RemoveAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksRemoveRedirection';
function HooksRemoveRedirectionsForModule(ModuleBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksRemoveRedirectionsForModule';
function HooksDisableRedirection(HookAddressArray:Pointer; DisableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksDisableRedirection';
function HooksDisableRedirectionsForModule(ModuleBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksDisableRedirectionsForModule';
function HooksEnableRedirection(HookAddressArray:Pointer; EnableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksEnableRedirection';
function HooksEnableRedirectionsForModule(ModuleBase:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'HooksEnableRedirectionsForModule';
function HooksRemoveIATRedirection(szModuleName,szHookFunction:PAnsiChar; RemoveAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksRemoveIATRedirection';
function HooksDisableIATRedirection(szModuleName,szHookFunction:PAnsiChar; DisableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksDisableIATRedirection';
function HooksEnableIATRedirection(szModuleName,szHookFunction:PAnsiChar; EnableAll:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HooksEnableIATRedirection';
procedure HooksScanModuleMemory(ModuleBase:LongInt; CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'HooksScanModuleMemory';
procedure HooksScanEntireProcessMemory(CallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'HooksScanEntireProcessMemory';
procedure HooksScanEntireProcessMemoryEx(); stdcall; external 'TitanEngine.dll' name 'HooksScanEntireProcessMemoryEx';
{TitanEngine.Tracer.functions}
procedure TracerInit(); stdcall; external 'TitanEngine.dll' name 'TracerInit';
function TracerLevel1(hProcess,APIAddress:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerLevel1';
function HashTracerLevel1(hProcess,APIAddress,NumberOfInstructions:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HashTracerLevel1';
function TracerDetectRedirection(hProcess,APIAddress:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerDetectRedirection';
function TracerFixKnownRedirection(hProcess,APIAddress,RedirectionId:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerFixKnownRedirection';
function TracerFixRedirectionViaImpRecPlugin(hProcess:LongInt;szPluginName:PAnsiChar;APIAddress:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'TracerFixRedirectionViaImpRecPlugin';
{TitanEngine.Exporter.functions}
procedure ExporterCleanup(); stdcall; external 'TitanEngine.dll' name 'ExporterCleanup';
procedure ExporterSetImageBase(ImageBase:LongInt); stdcall; external 'TitanEngine.dll' name 'ExporterSetImageBase';
procedure ExporterInit(MemorySize,ImageBase,ExportOrdinalBase:LongInt; szExportModuleName:PAnsiChar); stdcall; external 'TitanEngine.dll' name 'ExporterInit';
function ExporterAddNewExport(szExportName:PAnsiChar; ExportRelativeAddress:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterAddNewExport';
function ExporterAddNewOrdinalExport(OrdinalNumber,ExportRelativeAddress:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterAddNewOrdinalExport';
function ExporterGetAddedExportCount():LongInt; stdcall; external 'TitanEngine.dll' name 'ExporterGetAddedExportCount';
function ExporterEstimatedSize():LongInt; stdcall; external 'TitanEngine.dll' name 'ExporterEstimatedSize';
function ExporterBuildExportTable(StorePlace,FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterBuildExportTable';
function ExporterBuildExportTableEx(szExportFileName,szSectionName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterBuildExportTableEx';
function ExporterLoadExportTable(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExporterLoadExportTable';
{TitanEngine.Librarian.functions}
function LibrarianSetBreakPoint(szLibraryName:PAnsiChar; bpxType:LongInt; SingleShoot:boolean; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'LibrarianSetBreakPoint';
function LibrarianRemoveBreakPoint(szLibraryName:PAnsiChar; bpxType:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'LibrarianRemoveBreakPoint';
function LibrarianGetLibraryInfo(szLibraryName:PAnsiChar):Pointer; stdcall; external 'TitanEngine.dll' name 'LibrarianGetLibraryInfo';
function LibrarianGetLibraryInfoEx(BaseOfDll:Pointer):Pointer; stdcall; external 'TitanEngine.dll' name 'LibrarianGetLibraryInfoEx';
procedure LibrarianEnumLibraryInfo(BaseOfDll:Pointer); stdcall; external 'TitanEngine.dll' name 'LibrarianEnumLibraryInfo';
{TitanEngine.Process.functions}
function GetActiveProcessId(szImageName:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'GetActiveProcessId';
function EnumProcessesWithLibrary(szLibraryName:PAnsiChar; EnumFunction:Pointer):LongInt; stdcall; external 'TitanEngine.dll' name 'EnumProcessesWithLibrary';
{TitanEngine.TLSFixer.functions}
function TLSBreakOnCallBack(ArrayOfCallBacks:Pointer; NumberOfCallBacks:LongInt; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBreakOnCallBack';
function TLSGrabCallBackData(szFileName:PAnsiChar; ArrayOfCallBacks,NumberOfCallBacks:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'TLSGrabCallBackData';
function TLSBreakOnCallBackEx(szFileName:PAnsiChar; bpxCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBreakOnCallBackEx';
function TLSRemoveCallback(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'TLSRemoveCallback';
function TLSRemoveTable(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'TLSRemoveTable';
function TLSBackupData(szFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBackupData';
function TLSRestoreData():boolean; stdcall; external 'TitanEngine.dll' name 'TLSRestoreData';
function TLSBuildNewTable(FileMapVA,StorePlace,StorePlaceRVA:LongInt; ArrayOfCallBacks:Pointer; NumberOfCallBacks:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBuildNewTable';
function TLSBuildNewTableEx(szFileName,szSectionName:PAnsiChar; ArrayOfCallBacks:Pointer; NumberOfCallBacks:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'TLSBuildNewTableEx';
{TitanEngine.TranslateName.functions}
function TranslateNativeName(szNativeName:PAnsiChar):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'TranslateNativeName';
{TitanEngine.Handler.functions}
function HandlerGetActiveHandleCount(ProcessId:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetActiveHandleCount';
function HandlerIsHandleOpen(ProcessId:LongInt; hHandle:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerIsHandleOpen';
function HandlerGetHandleName(hProcess:THandle; ProcessId:LongInt; hHandle:THandle; TranslateName:boolean):PAnsiChar; stdcall; external 'TitanEngine.dll' name 'HandlerGetHandleName';
function HandlerEnumerateOpenHandles(ProcessId:LongInt; HandleBuffer:Pointer; MaxHandleCount:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerEnumerateOpenHandles';
function HandlerGetHandleDetails(hProcess:THandle; ProcessId:LongInt; hHandle:THandle; InformationReturn:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetHandleDetails';
function HandlerCloseRemoteHandle(ProcessId:LongInt; hHandle:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerCloseRemoteHandle';
function HandlerEnumerateLockHandles(szFileOrFolderName:PAnsiChar; NameIsFolder,NameIsTranslated:boolean; HandleDataBuffer:Pointer; MaxHandleCount:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerEnumerateLockHandles';
function HandlerCloseAllLockHandles(szFileOrFolderName:PAnsiChar; NameIsFolder,NameIsTranslated:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerCloseAllLockHandles';
function HandlerIsFileLocked(szFileOrFolderName:PAnsiChar; NameIsFolder,NameIsTranslated:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'HandlerIsFileLocked';
function HandlerEnumerateOpenMutexes(hProcess:THandle; ProcessId:LongInt; HandleBuffer:Pointer; MaxHandleCount:LongInt):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerEnumerateOpenMutexes';
function HandlerGetOpenMutexHandle(hProcess:THandle; ProcessId:LongInt; szMutexString:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetOpenMutexHandle';
function HandlerGetProcessIdWhichCreatedMutex(szMutexString:PAnsiChar):LongInt; stdcall; external 'TitanEngine.dll' name 'HandlerGetProcessIdWhichCreatedMutex';
{TitanEngine.Injector.functions}
function RemoteLoadLibrary(hProcess:THandle; szLibraryFile:PAnsiChar; WaitForThreadExit:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'RemoteLoadLibrary';
function RemoteFreeLibrary(hProcess:THandle; hModule:LongInt; szLibraryFile:PAnsiChar; WaitForThreadExit:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'RemoteFreeLibrary';
function RemoteExitProcess(hProcess:THandle; ExitCode:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'RemoteExitProcess';
{TitanEngine.StaticUnpacker.functions}
function StaticFileLoad(szFileName:PAnsiChar; DesiredAccess:LongInt; SimulateLoad:boolean; FileHandle,LoadedSize,FileMap,FileMapVA:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileLoad';
function StaticFileUnload(szFileName:PAnsiChar; CommitChanges:boolean; FileHandle,LoadedSize,FileMap,FileMapVA:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileUnload';
function StaticFileOpen(szFileName:PAnsiChar; DesiredAccess:LongInt; FileHandle,FileSizeLow,FileSizeHigh:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileOpen';
function StaticFileGetContent(FileHandle:THandle; FilePositionLow:LongInt; FilePositionHigh,Buffer:Pointer; Size:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticFileGetContent';
procedure StaticFileClose(FileHandle:THandle); stdcall; external 'TitanEngine.dll' name 'StaticFileClose';
procedure StaticMemoryDecrypt(MemoryStart,MemorySize,DecryptionType,DecryptionKeySize,DecryptionKey:LongInt); stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecrypt';
procedure StaticMemoryDecryptEx(MemoryStart,MemorySize,DecryptionKeySize:LongInt; DecryptionCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecryptEx';
procedure StaticMemoryDecryptSpecial(MemoryStart,MemorySize,DecryptionKeySize,SpecDecryptionType:LongInt; DecryptionCallBack:Pointer); stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecryptSpecial';
procedure StaticSectionDecrypt(FileMapVA,SectionNumber:LongInt; SimulateLoad:boolean; DecryptionType,DecryptionKeySize,DecryptionKey:LongInt); stdcall; external 'TitanEngine.dll' name 'StaticSectionDecrypt';
function StaticMemoryDecompress(Source,SourceSize,Destination,DestinationSize,Algorithm:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticMemoryDecompress';
function StaticRawMemoryCopy(hFile:THandle; FileMapVA,VitualAddressToCopy,Size:LongInt; AddressIsRVA:boolean; szDumpFileName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'StaticRawMemoryCopy';
function StaticHashMemory(MemoryToHash:Pointer; SizeOfMemory:LongInt; HashDigest:Pointer; OutputString:boolean; Algorithm:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticHashMemory';
function StaticHashFile(szFileName,HashDigest:PAnsiChar; OutputString:boolean; Algorithm:LongInt):boolean; stdcall; external 'TitanEngine.dll' name 'StaticHashFile';
{TitanEngine.Engine.functions}
procedure SetEngineVariable(VariableId:LongInt; VariableSet:boolean); stdcall; external 'TitanEngine.dll' name 'SetEngineVariable';
function EngineCreateMissingDependencies(szFileName,szOutputFolder:PAnsiChar; LogCreatedFiles:boolean):boolean; stdcall; external 'TitanEngine.dll' name 'EngineCreateMissingDependencies';
function EngineFakeMissingDependencies(hProcess:THandle):boolean; stdcall; external 'TitanEngine.dll' name 'EngineCreateMissingDependencies';
function EngineDeleteCreatedDependencies():boolean; stdcall; external 'TitanEngine.dll' name 'EngineDeleteCreatedDependencies';
function EngineCreateUnpackerWindow(WindowUnpackerTitle,WindowUnpackerLongTitleWindowUnpackerName,WindowUnpackerAuthor:PChar; StartUnpackingCallBack:Pointer):boolean; stdcall; external 'TitanEngine.dll' name 'EngineCreateUnpackerWindow';
procedure EngineAddUnpackerWindowLogMessage(szLogMessage:PChar); stdcall; external 'TitanEngine.dll' name 'EngineAddUnpackerWindowLogMessage';
{TitanEngine.Extension.functions}
function ExtensionManagerIsPluginLoaded(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerIsPluginLoaded';
function ExtensionManagerIsPluginEnabled(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerIsPluginEnabled';
function ExtensionManagerDisableAllPlugins():boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerDisableAllPlugins';
function ExtensionManagerDisablePlugin(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerDisablePlugin';
function ExtensionManagerEnableAllPlugins():boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerEnableAllPlugins';
function ExtensionManagerEnablePlugin(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerEnablePlugin';
function ExtensionManagerUnloadAllPlugins():boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerUnloadAllPlugins';
function ExtensionManagerUnloadPlugin(szPluginName:PAnsiChar):boolean; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerUnloadPlugin';
function ExtensionManagerGetPluginInfo(szPluginName:PAnsiChar):Pointer; stdcall; external 'TitanEngine.dll' name 'ExtensionManagerGetPluginInfo';
implementation
end.

1477
SDK/LUA/TitanEngine.lua
View File

File diff suppressed because it is too large Load Diff

826
SDK/MASM/TitanEngine.INC
View File

@ -1,826 +0,0 @@
;--- include file created by h2incx v0.99.20 (copyright 2005-2009 japheth)
;--- source file: C:\Users\Administrator\Desktop\h2incx\SDK.h, last modified: 3/8/2010 17:0
;--- cmdline used for creation: -a -b -d3 -y sdk.h
include windows.inc
includelib TitanEngine_x86.lib
UE_ACCESS_READ EQU 0
UE_ACCESS_WRITE EQU 1
UE_ACCESS_ALL EQU 2
UE_HIDE_BASIC EQU 1
UE_PLUGIN_CALL_REASON_PREDEBUG EQU 1
UE_PLUGIN_CALL_REASON_EXCEPTION EQU 2
UE_PLUGIN_CALL_REASON_POSTDEBUG EQU 3
TEE_HOOK_NRM_JUMP EQU 1
TEE_HOOK_NRM_CALL EQU 3
TEE_HOOK_IAT EQU 5
UE_ENGINE_ALOW_MODULE_LOADING EQU 1
UE_ENGINE_AUTOFIX_FORWARDERS EQU 2
UE_ENGINE_PASS_ALL_EXCEPTIONS EQU 3
UE_ENGINE_NO_CONSOLE_WINDOW EQU 4
UE_ENGINE_BACKUP_FOR_CRITICAL_FUNCTIONS EQU 5
UE_ENGINE_CALL_PLUGIN_CALLBACK EQU 6
UE_ENGINE_RESET_CUSTOM_HANDLER EQU 7
UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK EQU 8
UE_ENGINE_SAFE_ATTACH EQU 10
UE_ENGINE_SET_DEBUG_PRIVILEGE EQU 9
UE_OPTION_REMOVEALL EQU 1
UE_OPTION_DISABLEALL EQU 2
UE_OPTION_REMOVEALLDISABLED EQU 3
UE_OPTION_REMOVEALLENABLED EQU 4
UE_STATIC_DECRYPTOR_XOR EQU 1
UE_STATIC_DECRYPTOR_SUB EQU 2
UE_STATIC_DECRYPTOR_ADD EQU 3
UE_STATIC_DECRYPTOR_FOREWARD EQU 1
UE_STATIC_DECRYPTOR_BACKWARD EQU 2
UE_STATIC_KEY_SIZE_1 EQU 1
UE_STATIC_KEY_SIZE_2 EQU 2
UE_STATIC_KEY_SIZE_4 EQU 4
UE_STATIC_KEY_SIZE_8 EQU 8
UE_STATIC_APLIB EQU 1
UE_STATIC_APLIB_DEPACK EQU 2
UE_STATIC_LZMA EQU 3
UE_STATIC_HASH_MD5 EQU 1
UE_STATIC_HASH_SHA1 EQU 2
UE_STATIC_HASH_CRC32 EQU 3
UE_RESOURCE_LANGUAGE_ANY EQU - 1
UE_PE_OFFSET EQU 0
UE_IMAGEBASE EQU 1
UE_OEP EQU 2
UE_SIZEOFIMAGE EQU 3
UE_SIZEOFHEADERS EQU 4
UE_SIZEOFOPTIONALHEADER EQU 5
UE_SECTIONALIGNMENT EQU 6
UE_IMPORTTABLEADDRESS EQU 7
UE_IMPORTTABLESIZE EQU 8
UE_RESOURCETABLEADDRESS EQU 9
UE_RESOURCETABLESIZE EQU 10
UE_EXPORTTABLEADDRESS EQU 11
UE_EXPORTTABLESIZE EQU 12
UE_TLSTABLEADDRESS EQU 13
UE_TLSTABLESIZE EQU 14
UE_RELOCATIONTABLEADDRESS EQU 15
UE_RELOCATIONTABLESIZE EQU 16
UE_TIMEDATESTAMP EQU 17
UE_SECTIONNUMBER EQU 18
UE_CHECKSUM EQU 19
UE_SUBSYSTEM EQU 20
UE_CHARACTERISTICS EQU 21
UE_NUMBEROFRVAANDSIZES EQU 22
UE_SECTIONNAME EQU 23
UE_SECTIONVIRTUALOFFSET EQU 24
UE_SECTIONVIRTUALSIZE EQU 25
UE_SECTIONRAWOFFSET EQU 26
UE_SECTIONRAWSIZE EQU 27
UE_SECTIONFLAGS EQU 28
UE_CH_BREAKPOINT EQU 1
UE_CH_SINGLESTEP EQU 2
UE_CH_ACCESSVIOLATION EQU 3
UE_CH_ILLEGALINSTRUCTION EQU 4
UE_CH_NONCONTINUABLEEXCEPTION EQU 5
UE_CH_ARRAYBOUNDSEXCEPTION EQU 6
UE_CH_FLOATDENORMALOPERAND EQU 7
UE_CH_FLOATDEVIDEBYZERO EQU 8
UE_CH_INTEGERDEVIDEBYZERO EQU 9
UE_CH_INTEGEROVERFLOW EQU 10
UE_CH_PRIVILEGEDINSTRUCTION EQU 11
UE_CH_PAGEGUARD EQU 12
UE_CH_EVERYTHINGELSE EQU 13
UE_CH_CREATETHREAD EQU 14
UE_CH_EXITTHREAD EQU 15
UE_CH_CREATEPROCESS EQU 16
UE_CH_EXITPROCESS EQU 17
UE_CH_LOADDLL EQU 18
UE_CH_UNLOADDLL EQU 19
UE_CH_OUTPUTDEBUGSTRING EQU 20
UE_CH_AFTEREXCEPTIONPROCESSING EQU 21
UE_CH_SYSTEMBREAKPOINT EQU 23
UE_CH_UNHANDLEDEXCEPTION EQU 24
UE_CH_RIPEVENT EQU 25
UE_CH_DEBUGEVENT EQU 26
UE_OPTION_HANDLER_RETURN_HANDLECOUNT EQU 1
UE_OPTION_HANDLER_RETURN_ACCESS EQU 2
UE_OPTION_HANDLER_RETURN_FLAGS EQU 3
UE_OPTION_HANDLER_RETURN_TYPENAME EQU 4
UE_BREAKPOINT_INT3 EQU 1
UE_BREAKPOINT_LONG_INT3 EQU 2
UE_BREAKPOINT_UD2 EQU 3
UE_BPXREMOVED EQU 0
UE_BPXACTIVE EQU 1
UE_BPXINACTIVE EQU 2
UE_BREAKPOINT EQU 0
UE_SINGLESHOOT EQU 1
UE_HARDWARE EQU 2
UE_MEMORY EQU 3
UE_MEMORY_READ EQU 4
UE_MEMORY_WRITE EQU 5
UE_MEMORY_EXECUTE EQU 6
UE_BREAKPOINT_TYPE_INT3 EQU 10000000h
UE_BREAKPOINT_TYPE_LONG_INT3 EQU 20000000h
UE_BREAKPOINT_TYPE_UD2 EQU 30000000h
UE_HARDWARE_EXECUTE EQU 4
UE_HARDWARE_WRITE EQU 5
UE_HARDWARE_READWRITE EQU 6
UE_HARDWARE_SIZE_1 EQU 7
UE_HARDWARE_SIZE_2 EQU 8
UE_HARDWARE_SIZE_4 EQU 9
UE_ON_LIB_LOAD EQU 1
UE_ON_LIB_UNLOAD EQU 2
UE_ON_LIB_ALL EQU 3
UE_APISTART EQU 0
UE_APIEND EQU 1
UE_PLATFORM_x86 EQU 1
UE_PLATFORM_x64 EQU 2
UE_PLATFORM_ALL EQU 3
UE_FUNCTION_STDCALL EQU 1
UE_FUNCTION_CCALL EQU 2
UE_FUNCTION_FASTCALL EQU 3
UE_FUNCTION_STDCALL_RET EQU 4
UE_FUNCTION_CCALL_RET EQU 5
UE_FUNCTION_FASTCALL_RET EQU 6
UE_FUNCTION_STDCALL_CALL EQU 7
UE_FUNCTION_CCALL_CALL EQU 8
UE_FUNCTION_FASTCALL_CALL EQU 9
UE_PARAMETER_BYTE EQU 0
UE_PARAMETER_WORD EQU 1
UE_PARAMETER_DWORD EQU 2
UE_PARAMETER_QWORD EQU 3
UE_PARAMETER_PTR_BYTE EQU 4
UE_PARAMETER_PTR_WORD EQU 5
UE_PARAMETER_PTR_DWORD EQU 6
UE_PARAMETER_PTR_QWORD EQU 7
UE_PARAMETER_STRING EQU 8
UE_PARAMETER_UNICODE EQU 9
UE_EAX EQU 1
UE_EBX EQU 2
UE_ECX EQU 3
UE_EDX EQU 4
UE_EDI EQU 5
UE_ESI EQU 6
UE_EBP EQU 7
UE_ESP EQU 8
UE_EIP EQU 9
UE_EFLAGS EQU 10
UE_DR0 EQU 11
UE_DR1 EQU 12
UE_DR2 EQU 13
UE_DR3 EQU 14
UE_DR6 EQU 15
UE_DR7 EQU 16
UE_RAX EQU 17
UE_RBX EQU 18
UE_RCX EQU 19
UE_RDX EQU 20
UE_RDI EQU 21
UE_RSI EQU 22
UE_RBP EQU 23
UE_RSP EQU 24
UE_RIP EQU 25
UE_RFLAGS EQU 26
UE_R8 EQU 27
UE_R9 EQU 28
UE_R10 EQU 29
UE_R11 EQU 30
UE_R12 EQU 31
UE_R13 EQU 32
UE_R14 EQU 33
UE_R15 EQU 34
UE_CIP EQU 35
UE_CSP EQU 36
UE_SEG_GS EQU 37
UE_SEG_FS EQU 38
UE_SEG_ES EQU 39
UE_SEG_DS EQU 40
UE_SEG_CS EQU 41
UE_SEG_SS EQU 42
ifndef @align
@align equ <>
endif
PE32Struct struct @align
PE32Offset DWORD ?
ImageBase DWORD ?
OriginalEntryPoint DWORD ?
NtSizeOfImage DWORD ?
NtSizeOfHeaders DWORD ?
SizeOfOptionalHeaders WORD ?
FileAlignment DWORD ?
SectionAligment DWORD ?
ImportTableAddress DWORD ?
ImportTableSize DWORD ?
ResourceTableAddress DWORD ?
ResourceTableSize DWORD ?
ExportTableAddress DWORD ?
ExportTableSize DWORD ?
TLSTableAddress DWORD ?
TLSTableSize DWORD ?
RelocationTableAddress DWORD ?
RelocationTableSize DWORD ?
TimeDateStamp DWORD ?
SectionNumber WORD ?
CheckSum DWORD ?
SubSystem WORD ?
Characteristics WORD ?
NumberOfRvaAndSizes DWORD ?
PE32Struct ends
PPE32Struct typedef ptr PE32Struct
ImportEnumData struct @align
NewDll bool ?
NumberOfImports DWORD ?
ImageBase DWORD ?
BaseImportThunk DWORD ?
ImportThunk DWORD ?
APIName DWORD ?
DLLName DWORD ?
ImportEnumData ends
PImportEnumData typedef ptr ImportEnumData
THREAD_ITEM_DATA struct @align
hThread HANDLE ?
dwThreadId DWORD ?
ThreadStartAddress DWORD ?
ThreadLocalBase DWORD ?
THREAD_ITEM_DATA ends
PTHREAD_ITEM_DATA typedef ptr THREAD_ITEM_DATA
LIBRARY_ITEM_DATA struct @align
hFile HANDLE ?
BaseOfDll DWORD ?
hFileMapping HANDLE ?
hFileMappingView DWORD ?
szLibraryPath SBYTE MAX_PATH dup (?)
szLibraryName SBYTE MAX_PATH dup (?)
LIBRARY_ITEM_DATA ends
PLIBRARY_ITEM_DATA typedef ptr LIBRARY_ITEM_DATA
LIBRARY_ITEM_DATAW struct @align
hFile HANDLE ?
BaseOfDll DWORD ?
hFileMapping HANDLE ?
hFileMappingView DWORD ?
szLibraryPath WORD MAX_PATH dup (?)
szLibraryName WORD MAX_PATH dup (?)
LIBRARY_ITEM_DATAW ends
PLIBRARY_ITEM_DATAW typedef ptr LIBRARY_ITEM_DATAW
PROCESS_ITEM_DATA struct @align
hProcess HANDLE ?
dwProcessId DWORD ?
hThread HANDLE ?
dwThreadId DWORD ?
hFile HANDLE ?
BaseOfImage DWORD ?
ThreadStartAddress DWORD ?
ThreadLocalBase DWORD ?
PROCESS_ITEM_DATA ends
PPROCESS_ITEM_DATA typedef ptr PROCESS_ITEM_DATA
HandlerArray struct @align
ProcessId DWORD ?
hHandle HANDLE ?
HandlerArray ends
PHandlerArray typedef ptr HandlerArray
PluginInformation struct @align
PluginName SBYTE 64 dup (?)
PluginMajorVersion DWORD ?
PluginMinorVersion DWORD ?
PluginBaseAddress HMODULE ?
TitanDebuggingCallBack DWORD ?
TitanRegisterPlugin DWORD ?
TitanReleasePlugin DWORD ?
TitanResetPlugin DWORD ?
PluginDisabled bool ?
PluginInformation ends
PPluginInformation typedef ptr PluginInformation
TEE_MAXIMUM_HOOK_SIZE EQU 14
TEE_MAXIMUM_HOOK_RELOCS EQU 7
TEE_MAXIMUM_HOOK_INSERT_SIZE EQU 5
HOOK_ENTRY struct @align
IATHook bool ?
HookType BYTE ?
HookSize DWORD ?
HookAddress DWORD ?
RedirectionAddress DWORD ?
HookBytes BYTE TEE_MAXIMUM_HOOK_SIZE dup (?)
OriginalBytes BYTE TEE_MAXIMUM_HOOK_SIZE dup (?)
IATHookModuleBase DWORD ?
IATHookNameHash DWORD ?
HookIsEnabled bool ?
HookIsRemote bool ?
PatchedEntry DWORD ?
RelocationInfo DWORD TEE_MAXIMUM_HOOK_RELOCS dup (?)
RelocationCount DWORD ?
HOOK_ENTRY ends
PHOOK_ENTRY typedef ptr HOOK_ENTRY
UE_DEPTH_SURFACE EQU 0
UE_DEPTH_DEEP EQU 1
UE_UNPACKER_CONDITION_SEARCH_FROM_EP EQU 1
UE_UNPACKER_CONDITION_LOADLIBRARY EQU 1
UE_UNPACKER_CONDITION_GETPROCADDRESS EQU 2
UE_UNPACKER_CONDITION_ENTRYPOINTBREAK EQU 3
UE_UNPACKER_CONDITION_RELOCSNAPSHOT1 EQU 4
UE_UNPACKER_CONDITION_RELOCSNAPSHOT2 EQU 5
UE_FIELD_OK EQU 0
UE_FIELD_BROKEN_NON_FIXABLE EQU 1
UE_FIELD_BROKEN_NON_CRITICAL EQU 2
UE_FIELD_BROKEN_FIXABLE_FOR_STATIC_USE EQU 3
UE_FIELD_BROKEN_BUT_CAN_BE_EMULATED EQU 4
UE_FIELD_FIXABLE_NON_CRITICAL EQU 5
UE_FIELD_FIXABLE_CRITICAL EQU 6
UE_FIELD_NOT_PRESET EQU 7
UE_FIELD_NOT_PRESET_WARNING EQU 8
UE_RESULT_FILE_OK EQU 10
UE_RESULT_FILE_INVALID_BUT_FIXABLE EQU 11
UE_RESULT_FILE_INVALID_AND_NON_FIXABLE EQU 12
UE_RESULT_FILE_INVALID_FORMAT EQU 13
FILE_STATUS_INFO struct @align
OveralEvaluation BYTE ?
EvaluationTerminatedByException bool ?
FileIs64Bit bool ?
FileIsDLL bool ?
FileIsConsole bool ?
MissingDependencies bool ?
MissingDeclaredAPIs bool ?
SignatureMZ BYTE ?
SignaturePE BYTE ?
EntryPoint BYTE ?
ImageBase BYTE ?
SizeOfImage BYTE ?
FileAlignment BYTE ?
SectionAlignment BYTE ?
ExportTable BYTE ?
RelocationTable BYTE ?
ImportTable BYTE ?
ImportTableSection BYTE ?
ImportTableData BYTE ?
IATTable BYTE ?
TLSTable BYTE ?
LoadConfigTable BYTE ?
BoundImportTable BYTE ?
COMHeaderTable BYTE ?
ResourceTable BYTE ?
ResourceData BYTE ?
SectionTable BYTE ?
FILE_STATUS_INFO ends
PFILE_STATUS_INFO typedef ptr FILE_STATUS_INFO
FILE_FIX_INFO struct @align
OveralEvaluation BYTE ?
FixingTerminatedByException bool ?
FileFixPerformed bool ?
StrippedRelocation bool ?
DontFixRelocations bool ?
OriginalRelocationTableAddress DWORD ?
OriginalRelocationTableSize DWORD ?
StrippedExports bool ?
DontFixExports bool ?
OriginalExportTableAddress DWORD ?
OriginalExportTableSize DWORD ?
StrippedResources bool ?
DontFixResources bool ?
OriginalResourceTableAddress DWORD ?
OriginalResourceTableSize DWORD ?
StrippedTLS bool ?
DontFixTLS bool ?
OriginalTLSTableAddress DWORD ?
OriginalTLSTableSize DWORD ?
StrippedLoadConfig bool ?
DontFixLoadConfig bool ?
OriginalLoadConfigTableAddress DWORD ?
OriginalLoadConfigTableSize DWORD ?
StrippedBoundImports bool ?
DontFixBoundImports bool ?
OriginalBoundImportTableAddress DWORD ?
OriginalBoundImportTableSize DWORD ?
StrippedIAT bool ?
DontFixIAT bool ?
OriginalImportAddressTableAddress DWORD ?
OriginalImportAddressTableSize DWORD ?
StrippedCOM bool ?
DontFixCOM bool ?
OriginalCOMTableAddress DWORD ?
OriginalCOMTableSize DWORD ?
FILE_FIX_INFO ends
PFILE_FIX_INFO typedef ptr FILE_FIX_INFO
DumpProcess proto stdcall :HANDLE, :LPVOID, :ptr SBYTE, :DWORD
DumpProcessW proto stdcall :HANDLE, :LPVOID, :ptr WORD, :DWORD
DumpProcessEx proto stdcall :DWORD, :LPVOID, :ptr SBYTE, :DWORD
DumpProcessExW proto stdcall :DWORD, :LPVOID, :ptr WORD, :DWORD
DumpMemory proto stdcall :HANDLE, :LPVOID, :DWORD, :ptr SBYTE
DumpMemoryW proto stdcall :HANDLE, :LPVOID, :DWORD, :ptr WORD
DumpMemoryEx proto stdcall :DWORD, :LPVOID, :DWORD, :ptr SBYTE
DumpMemoryExW proto stdcall :DWORD, :LPVOID, :DWORD, :ptr WORD
DumpRegions proto stdcall :HANDLE, :ptr SBYTE, :bool
DumpRegionsW proto stdcall :HANDLE, :ptr WORD, :bool
DumpRegionsEx proto stdcall :DWORD, :ptr SBYTE, :bool
DumpRegionsExW proto stdcall :DWORD, :ptr WORD, :bool
DumpModule proto stdcall :HANDLE, :LPVOID, :ptr SBYTE
DumpModuleW proto stdcall :HANDLE, :LPVOID, :ptr WORD
DumpModuleEx proto stdcall :DWORD, :LPVOID, :ptr SBYTE
DumpModuleExW proto stdcall :DWORD, :LPVOID, :ptr WORD
PastePEHeader proto stdcall :HANDLE, :LPVOID, :ptr SBYTE
PastePEHeaderW proto stdcall :HANDLE, :LPVOID, :ptr WORD
ExtractSection proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
ExtractSectionW proto stdcall :ptr WORD, :ptr WORD, :DWORD
ResortFileSections proto stdcall :ptr SBYTE
ResortFileSectionsW proto stdcall :ptr WORD
FindOverlay proto stdcall :ptr SBYTE, :LPDWORD, :LPDWORD
FindOverlayW proto stdcall :ptr WORD, :LPDWORD, :LPDWORD
ExtractOverlay proto stdcall :ptr SBYTE, :ptr SBYTE
ExtractOverlayW proto stdcall :ptr WORD, :ptr WORD
AddOverlay proto stdcall :ptr SBYTE, :ptr SBYTE
AddOverlayW proto stdcall :ptr WORD, :ptr WORD
CopyOverlay proto stdcall :ptr SBYTE, :ptr SBYTE
CopyOverlayW proto stdcall :ptr WORD, :ptr WORD
RemoveOverlay proto stdcall :ptr SBYTE
RemoveOverlayW proto stdcall :ptr WORD
MakeAllSectionsRWE proto stdcall :ptr SBYTE
MakeAllSectionsRWEW proto stdcall :ptr WORD
AddNewSectionEx proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD, :DWORD, :LPVOID, :DWORD
AddNewSectionExW proto stdcall :ptr WORD, :ptr SBYTE, :DWORD, :DWORD, :LPVOID, :DWORD
AddNewSection proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
AddNewSectionW proto stdcall :ptr WORD, :ptr SBYTE, :DWORD
ResizeLastSection proto stdcall :ptr SBYTE, :DWORD, :bool
ResizeLastSectionW proto stdcall :ptr WORD, :DWORD, :bool
SetSharedOverlay proto stdcall :ptr SBYTE
SetSharedOverlayW proto stdcall :ptr WORD
GetSharedOverlay proto stdcall
GetSharedOverlayW proto stdcall
DeleteLastSection proto stdcall :ptr SBYTE
DeleteLastSectionW proto stdcall :ptr WORD
DeleteLastSectionEx proto stdcall :ptr SBYTE, :DWORD
DeleteLastSectionExW proto stdcall :ptr WORD, :DWORD
GetPE32DataFromMappedFile proto stdcall :DWORD, :DWORD, :DWORD
GetPE32Data proto stdcall :ptr SBYTE, :DWORD, :DWORD
GetPE32DataW proto stdcall :ptr WORD, :DWORD, :DWORD
GetPE32DataFromMappedFileEx proto stdcall :DWORD, :LPVOID
GetPE32DataEx proto stdcall :ptr SBYTE, :LPVOID
GetPE32DataExW proto stdcall :ptr WORD, :LPVOID
SetPE32DataForMappedFile proto stdcall :DWORD, :DWORD, :DWORD, :DWORD
SetPE32Data proto stdcall :ptr SBYTE, :DWORD, :DWORD, :DWORD
SetPE32DataW proto stdcall :ptr WORD, :DWORD, :DWORD, :DWORD
SetPE32DataForMappedFileEx proto stdcall :DWORD, :LPVOID
SetPE32DataEx proto stdcall :ptr SBYTE, :LPVOID
GetPE32SectionNumberFromVA proto stdcall :DWORD, :DWORD
ConvertVAtoFileOffset proto stdcall :DWORD, :DWORD, :bool
ConvertVAtoFileOffsetEx proto stdcall :DWORD, :DWORD, :DWORD, :DWORD, :bool, :bool
ConvertFileOffsetToVA proto stdcall :DWORD, :DWORD, :bool
ConvertFileOffsetToVAEx proto stdcall :DWORD, :DWORD, :DWORD, :DWORD, :bool
FixHeaderCheckSum proto stdcall :ptr SBYTE
FixHeaderCheckSumW proto stdcall :ptr WORD
RealignPE proto stdcall :DWORD, :DWORD, :DWORD
RealignPEEx proto stdcall :ptr SBYTE, :DWORD, :DWORD
RealignPEExW proto stdcall :ptr WORD, :DWORD, :DWORD
WipeSection proto stdcall :ptr SBYTE, :DWORD, :bool
WipeSectionW proto stdcall :ptr WORD, :DWORD, :bool
IsPE32FileValidEx proto stdcall :ptr SBYTE, :DWORD, :LPVOID
IsPE32FileValidExW proto stdcall :ptr WORD, :DWORD, :LPVOID
FixBrokenPE32FileEx proto stdcall :ptr SBYTE, :LPVOID, :LPVOID
FixBrokenPE32FileExW proto stdcall :ptr WORD, :LPVOID, :LPVOID
IsFileDLL proto stdcall :ptr SBYTE, :DWORD
IsFileDLLW proto stdcall :ptr WORD, :DWORD
GetPEBLocation proto stdcall :HANDLE
GetPEBLocation64 proto stdcall :HANDLE
HideDebugger proto stdcall :HANDLE, :DWORD
UnHideDebugger proto stdcall :HANDLE, :DWORD
RelocaterCleanup proto stdcall
RelocaterInit proto stdcall :DWORD, :DWORD, :DWORD
RelocaterAddNewRelocation proto stdcall :HANDLE, :DWORD, :DWORD
RelocaterEstimatedSize proto stdcall
RelocaterExportRelocation proto stdcall :DWORD, :DWORD, :DWORD
RelocaterExportRelocationEx proto stdcall :ptr SBYTE, :ptr SBYTE
RelocaterExportRelocationExW proto stdcall :ptr WORD, :ptr SBYTE
RelocaterGrabRelocationTable proto stdcall :HANDLE, :DWORD, :DWORD
RelocaterGrabRelocationTableEx proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD
RelocaterMakeSnapshot proto stdcall :HANDLE, :ptr SBYTE, :LPVOID, :DWORD
RelocaterMakeSnapshotW proto stdcall :HANDLE, :ptr WORD, :LPVOID, :DWORD
RelocaterCompareTwoSnapshots proto stdcall :HANDLE, :DWORD, :DWORD, :ptr SBYTE, :ptr SBYTE, :DWORD
RelocaterCompareTwoSnapshotsW proto stdcall :HANDLE, :DWORD, :DWORD, :ptr WORD, :ptr WORD, :DWORD
RelocaterChangeFileBase proto stdcall :ptr SBYTE, :DWORD
RelocaterChangeFileBaseW proto stdcall :ptr WORD, :DWORD
RelocaterRelocateMemoryBlock proto stdcall :DWORD, :DWORD, :ptr , :DWORD, :DWORD, :DWORD
RelocaterWipeRelocationTable proto stdcall :ptr SBYTE
RelocaterWipeRelocationTableW proto stdcall :ptr WORD
ResourcerLoadFileForResourceUse proto stdcall :ptr SBYTE
ResourcerLoadFileForResourceUseW proto stdcall :ptr WORD
ResourcerFreeLoadedFile proto stdcall :LPVOID
ResourcerExtractResourceFromFileEx proto stdcall :DWORD, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
ResourcerExtractResourceFromFile proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
ResourcerExtractResourceFromFileW proto stdcall :ptr WORD, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
ResourcerFindResource proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD, :ptr SBYTE, :DWORD, :DWORD, :ptr DWORD, :LPDWORD
ResourcerFindResourceW proto stdcall :ptr WORD, :ptr WORD, :DWORD, :ptr WORD, :DWORD, :DWORD, :ptr DWORD, :LPDWORD
ResourcerFindResourceEx proto stdcall :DWORD, :DWORD, :ptr WORD, :DWORD, :ptr WORD, :DWORD, :DWORD, :ptr DWORD, :LPDWORD
ResourcerEnumerateResource proto stdcall :ptr SBYTE, :ptr
ResourcerEnumerateResourceW proto stdcall :ptr WORD, :ptr
ResourcerEnumerateResourceEx proto stdcall :DWORD, :DWORD, :ptr
ThreaderImportRunningThreadData proto stdcall :DWORD
ThreaderGetThreadInfo proto stdcall :HANDLE, :DWORD
ThreaderEnumThreadInfo proto stdcall :ptr
ThreaderPauseThread proto stdcall :HANDLE
ThreaderResumeThread proto stdcall :HANDLE
ThreaderTerminateThread proto stdcall :HANDLE, :DWORD
ThreaderPauseAllThreads proto stdcall :bool
ThreaderResumeAllThreads proto stdcall :bool
ThreaderPauseProcess proto stdcall
ThreaderResumeProcess proto stdcall
ThreaderCreateRemoteThread proto stdcall :DWORD, :bool, :LPVOID, :LPDWORD
ThreaderInjectAndExecuteCode proto stdcall :LPVOID, :DWORD, :DWORD
ThreaderCreateRemoteThreadEx proto stdcall :HANDLE, :DWORD, :bool, :LPVOID, :LPDWORD
ThreaderInjectAndExecuteCodeEx proto stdcall :HANDLE, :LPVOID, :DWORD, :DWORD
ThreaderSetCallBackForNextExitThreadEvent proto stdcall :LPVOID
ThreaderIsThreadStillRunning proto stdcall :HANDLE
ThreaderIsThreadActive proto stdcall :HANDLE
ThreaderIsAnyThreadActive proto stdcall
ThreaderExecuteOnlyInjectedThreads proto stdcall
ThreaderGetOpenHandleForThread proto stdcall :DWORD
ThreaderIsExceptionInMainThread proto stdcall
StaticDisassembleEx proto stdcall :DWORD, :LPVOID
StaticDisassemble proto stdcall :LPVOID
DisassembleEx proto stdcall :HANDLE, :LPVOID
Disassemble proto stdcall :LPVOID
StaticLengthDisassemble proto stdcall :LPVOID
LengthDisassembleEx proto stdcall :HANDLE, :LPVOID
LengthDisassemble proto stdcall :LPVOID
InitDebug proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
InitDebugW proto stdcall :ptr WORD, :ptr WORD, :ptr WORD
InitNativeDebug proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
InitNativeDebugW proto stdcall :ptr WORD, :ptr WORD, :ptr WORD
InitDebugEx proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :LPVOID
InitDebugExW proto stdcall :ptr WORD, :ptr WORD, :ptr WORD, :LPVOID
InitDLLDebug proto stdcall :ptr SBYTE, :bool, :ptr SBYTE, :ptr SBYTE, :LPVOID
InitDLLDebugW proto stdcall :ptr WORD, :bool, :ptr WORD, :ptr WORD, :LPVOID
StopDebug proto stdcall
SetBPXOptions proto stdcall :SDWORD
IsBPXEnabled proto stdcall :DWORD
EnableBPX proto stdcall :DWORD
DisableBPX proto stdcall :DWORD
SetBPX proto stdcall :DWORD, :DWORD, :LPVOID
DeleteBPX proto stdcall :DWORD
SafeDeleteBPX proto stdcall :DWORD
SetAPIBreakPoint proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD, :DWORD, :LPVOID
DeleteAPIBreakPoint proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
SafeDeleteAPIBreakPoint proto stdcall :ptr SBYTE, :ptr SBYTE, :DWORD
SetMemoryBPX proto stdcall :DWORD, :DWORD, :LPVOID
SetMemoryBPXEx proto stdcall :DWORD, :DWORD, :DWORD, :bool, :LPVOID
RemoveMemoryBPX proto stdcall :DWORD, :DWORD
GetContextFPUDataEx proto stdcall :HANDLE, :ptr
GetContextDataEx proto stdcall :HANDLE, :DWORD
GetContextData proto stdcall :DWORD
SetContextFPUDataEx proto stdcall :HANDLE, :ptr
SetContextDataEx proto stdcall :HANDLE, :DWORD, :DWORD
SetContextData proto stdcall :DWORD, :DWORD
ClearExceptionNumber proto stdcall
CurrentExceptionNumber proto stdcall
MatchPatternEx proto stdcall :HANDLE, :ptr , :DWORD, :ptr , :DWORD, :PBYTE
MatchPattern proto stdcall :ptr , :DWORD, :ptr , :DWORD, :PBYTE
FindEx proto stdcall :HANDLE, :LPVOID, :DWORD, :LPVOID, :DWORD, :LPBYTE
Find proto stdcall :LPVOID, :DWORD, :LPVOID, :DWORD, :LPBYTE
FillEx proto stdcall :HANDLE, :LPVOID, :DWORD, :PBYTE
Fill proto stdcall :LPVOID, :DWORD, :PBYTE
PatchEx proto stdcall :HANDLE, :LPVOID, :DWORD, :LPVOID, :DWORD, :bool, :bool
Patch proto stdcall :LPVOID, :DWORD, :LPVOID, :DWORD, :bool, :bool
ReplaceEx proto stdcall :HANDLE, :LPVOID, :DWORD, :LPVOID, :DWORD, :DWORD, :LPVOID, :DWORD, :PBYTE
Replace proto stdcall :LPVOID, :DWORD, :LPVOID, :DWORD, :DWORD, :LPVOID, :DWORD, :PBYTE
GetDebugData proto stdcall
GetTerminationData proto stdcall
GetExitCode proto stdcall
GetDebuggedDLLBaseAddress proto stdcall
GetDebuggedFileBaseAddress proto stdcall
GetRemoteString proto stdcall :HANDLE, :LPVOID, :LPVOID, :DWORD
GetFunctionParameter proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD
GetJumpDestinationEx proto stdcall :HANDLE, :DWORD, :bool
GetJumpDestination proto stdcall :HANDLE, :DWORD
IsJumpGoingToExecuteEx proto stdcall :HANDLE, :HANDLE, :DWORD, :DWORD
IsJumpGoingToExecute proto stdcall
SetCustomHandler proto stdcall :DWORD, :LPVOID
ForceClose proto stdcall
StepInto proto stdcall :LPVOID
StepOver proto stdcall :LPVOID
SingleStep proto stdcall :DWORD, :LPVOID
GetUnusedHardwareBreakPointRegister proto stdcall :LPDWORD
SetHardwareBreakPointEx proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :DWORD, :LPVOID, :LPDWORD
SetHardwareBreakPoint proto stdcall :DWORD, :DWORD, :DWORD, :DWORD, :LPVOID
DeleteHardwareBreakPoint proto stdcall :DWORD
RemoveAllBreakPoints proto stdcall :DWORD
GetProcessInformation proto stdcall
GetStartupInformation proto stdcall
DebugLoop proto stdcall
SetDebugLoopTimeOut proto stdcall :DWORD
SetNextDbgContinueStatus proto stdcall :DWORD
AttachDebugger proto stdcall :DWORD, :bool, :LPVOID, :LPVOID
DetachDebugger proto stdcall :DWORD
DetachDebuggerEx proto stdcall :DWORD
DebugLoopEx proto stdcall :DWORD
AutoDebugEx proto stdcall :ptr SBYTE, :bool, :ptr SBYTE, :ptr SBYTE, :DWORD, :LPVOID
AutoDebugExW proto stdcall :ptr WORD, :bool, :ptr WORD, :ptr WORD, :DWORD, :LPVOID
IsFileBeingDebugged proto stdcall
SetErrorModel proto stdcall :bool
FindOEPInit proto stdcall
FindOEPGenerically proto stdcall :ptr SBYTE, :LPVOID, :LPVOID
FindOEPGenericallyW proto stdcall :ptr WORD, :LPVOID, :LPVOID
ImporterCleanup proto stdcall
ImporterSetImageBase proto stdcall :DWORD
ImporterSetUnknownDelta proto stdcall :DWORD
ImporterGetCurrentDelta proto stdcall
ImporterInit proto stdcall :DWORD, :DWORD
ImporterAddNewDll proto stdcall :ptr SBYTE, :DWORD
ImporterAddNewAPI proto stdcall :ptr SBYTE, :DWORD
ImporterAddNewOrdinalAPI proto stdcall :DWORD, :DWORD
ImporterGetAddedDllCount proto stdcall
ImporterGetAddedAPICount proto stdcall
ImporterGetLastAddedDLLName proto stdcall
ImporterMoveIAT proto stdcall
ImporterExportIAT proto stdcall :DWORD, :DWORD
ImporterEstimatedSize proto stdcall
ImporterExportIATEx proto stdcall :ptr SBYTE, :ptr SBYTE
ImporterExportIATExW proto stdcall :ptr WORD, :ptr SBYTE
ImporterFindAPIWriteLocation proto stdcall :ptr SBYTE
ImporterFindOrdinalAPIWriteLocation proto stdcall :DWORD
ImporterFindAPIByWriteLocation proto stdcall :DWORD
ImporterFindDLLByWriteLocation proto stdcall :DWORD
ImporterGetDLLName proto stdcall :DWORD
ImporterGetAPIName proto stdcall :DWORD
ImporterGetAPIOrdinalNumber proto stdcall :DWORD
ImporterGetAPINameEx proto stdcall :DWORD, :DWORD
ImporterGetRemoteAPIAddress proto stdcall :HANDLE, :DWORD
ImporterGetRemoteAPIAddressEx proto stdcall :ptr SBYTE, :ptr SBYTE
ImporterGetLocalAPIAddress proto stdcall :HANDLE, :DWORD
ImporterGetDLLNameFromDebugee proto stdcall :HANDLE, :DWORD
ImporterGetAPINameFromDebugee proto stdcall :HANDLE, :DWORD
ImporterGetAPIOrdinalNumberFromDebugee proto stdcall :HANDLE, :DWORD
ImporterGetDLLIndexEx proto stdcall :DWORD, :DWORD
ImporterGetDLLIndex proto stdcall :HANDLE, :DWORD, :DWORD
ImporterGetRemoteDLLBase proto stdcall :HANDLE, :HMODULE
ImporterRelocateWriteLocation proto stdcall :DWORD
ImporterIsForwardedAPI proto stdcall :HANDLE, :DWORD
ImporterGetForwardedAPIName proto stdcall :HANDLE, :DWORD
ImporterGetForwardedDLLName proto stdcall :HANDLE, :DWORD
ImporterGetForwardedDLLIndex proto stdcall :HANDLE, :DWORD, :DWORD
ImporterGetForwardedAPIOrdinalNumber proto stdcall :HANDLE, :DWORD
ImporterGetNearestAPIAddress proto stdcall :HANDLE, :DWORD
ImporterGetNearestAPIName proto stdcall :HANDLE, :DWORD
ImporterCopyOriginalIAT proto stdcall :ptr SBYTE, :ptr SBYTE
ImporterCopyOriginalIATW proto stdcall :ptr WORD, :ptr WORD
ImporterLoadImportTable proto stdcall :ptr SBYTE
ImporterLoadImportTableW proto stdcall :ptr WORD
ImporterMoveOriginalIAT proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE
ImporterMoveOriginalIATW proto stdcall :ptr WORD, :ptr WORD, :ptr SBYTE
ImporterAutoSearchIAT proto stdcall :HANDLE, :ptr SBYTE, :DWORD, :DWORD, :DWORD, :LPVOID, :LPVOID
ImporterAutoSearchIATW proto stdcall :HANDLE, :ptr WORD, :DWORD, :DWORD, :DWORD, :LPVOID, :LPVOID
ImporterAutoSearchIATEx proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :LPVOID, :LPVOID
ImporterEnumAddedData proto stdcall :LPVOID
ImporterAutoFixIATEx proto stdcall :HANDLE, :ptr SBYTE, :ptr SBYTE, :bool, :bool, :DWORD, :DWORD, :DWORD, :DWORD, :DWORD, :bool, :bool, :LPVOID
ImporterAutoFixIATExW proto stdcall :HANDLE, :ptr WORD, :ptr SBYTE, :bool, :bool, :DWORD, :DWORD, :DWORD, :DWORD, :DWORD, :bool, :bool, :LPVOID
ImporterAutoFixIAT proto stdcall :HANDLE, :ptr SBYTE, :DWORD, :DWORD, :DWORD, :DWORD
ImporterAutoFixIATW proto stdcall :HANDLE, :ptr WORD, :DWORD, :DWORD, :DWORD, :DWORD
HooksSafeTransitionEx proto stdcall :LPVOID, :DWORD, :bool
HooksSafeTransition proto stdcall :LPVOID, :bool
HooksIsAddressRedirected proto stdcall :LPVOID
HooksGetTrampolineAddress proto stdcall :LPVOID
HooksGetHookEntryDetails proto stdcall :LPVOID
HooksInsertNewRedirection proto stdcall :LPVOID, :LPVOID, :DWORD
HooksInsertNewIATRedirectionEx proto stdcall :DWORD, :DWORD, :ptr SBYTE, :LPVOID
HooksInsertNewIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :LPVOID
HooksRemoveRedirection proto stdcall :LPVOID, :bool
HooksRemoveRedirectionsForModule proto stdcall :HMODULE
HooksRemoveIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
HooksDisableRedirection proto stdcall :LPVOID, :bool
HooksDisableRedirectionsForModule proto stdcall :HMODULE
HooksDisableIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
HooksEnableRedirection proto stdcall :LPVOID, :bool
HooksEnableRedirectionsForModule proto stdcall :HMODULE
HooksEnableIATRedirection proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
HooksScanModuleMemory proto stdcall :HMODULE, :LPVOID
HooksScanEntireProcessMemory proto stdcall :LPVOID
HooksScanEntireProcessMemoryEx proto stdcall
TracerInit proto stdcall
TracerLevel1 proto stdcall :HANDLE, :DWORD
HashTracerLevel1 proto stdcall :HANDLE, :DWORD, :DWORD
TracerDetectRedirection proto stdcall :HANDLE, :DWORD
TracerFixKnownRedirection proto stdcall :HANDLE, :DWORD, :DWORD
TracerFixRedirectionViaImpRecPlugin proto stdcall :HANDLE, :ptr SBYTE, :DWORD
ExporterCleanup proto stdcall
ExporterSetImageBase proto stdcall :DWORD
ExporterInit proto stdcall :DWORD, :DWORD, :DWORD, :ptr SBYTE
ExporterAddNewExport proto stdcall :ptr SBYTE, :DWORD
ExporterAddNewOrdinalExport proto stdcall :DWORD, :DWORD
ExporterGetAddedExportCount proto stdcall
ExporterEstimatedSize proto stdcall
ExporterBuildExportTable proto stdcall :DWORD, :DWORD
ExporterBuildExportTableEx proto stdcall :ptr SBYTE, :ptr SBYTE
ExporterBuildExportTableExW proto stdcall :ptr WORD, :ptr SBYTE
ExporterLoadExportTable proto stdcall :ptr SBYTE
ExporterLoadExportTableW proto stdcall :ptr WORD
LibrarianSetBreakPoint proto stdcall :ptr SBYTE, :DWORD, :bool, :LPVOID
LibrarianRemoveBreakPoint proto stdcall :ptr SBYTE, :DWORD
LibrarianGetLibraryInfo proto stdcall :ptr SBYTE
LibrarianGetLibraryInfoW proto stdcall :ptr WORD
LibrarianGetLibraryInfoEx proto stdcall :ptr
LibrarianGetLibraryInfoExW proto stdcall :ptr
LibrarianEnumLibraryInfo proto stdcall :ptr
LibrarianEnumLibraryInfoW proto stdcall :ptr
GetActiveProcessId proto stdcall :ptr SBYTE
GetActiveProcessIdW proto stdcall :ptr WORD
EnumProcessesWithLibrary proto stdcall :ptr SBYTE, :ptr
TLSBreakOnCallBack proto stdcall :LPVOID, :DWORD, :LPVOID
TLSGrabCallBackData proto stdcall :ptr SBYTE, :LPVOID, :LPDWORD
TLSGrabCallBackDataW proto stdcall :ptr WORD, :LPVOID, :LPDWORD
TLSBreakOnCallBackEx proto stdcall :ptr SBYTE, :LPVOID
TLSBreakOnCallBackExW proto stdcall :ptr WORD, :LPVOID
TLSRemoveCallback proto stdcall :ptr SBYTE
TLSRemoveCallbackW proto stdcall :ptr WORD
TLSRemoveTable proto stdcall :ptr SBYTE
TLSRemoveTableW proto stdcall :ptr WORD
TLSBackupData proto stdcall :ptr SBYTE
TLSBackupDataW proto stdcall :ptr WORD
TLSRestoreData proto stdcall
TLSBuildNewTable proto stdcall :DWORD, :DWORD, :DWORD, :LPVOID, :DWORD
TLSBuildNewTableEx proto stdcall :ptr SBYTE, :ptr SBYTE, :LPVOID, :DWORD
TLSBuildNewTableExW proto stdcall :ptr WORD, :ptr SBYTE, :LPVOID, :DWORD
TranslateNativeName proto stdcall :ptr SBYTE
TranslateNativeNameW proto stdcall :ptr WORD
HandlerGetActiveHandleCount proto stdcall :DWORD
HandlerIsHandleOpen proto stdcall :DWORD, :HANDLE
HandlerGetHandleName proto stdcall :HANDLE, :DWORD, :HANDLE, :bool
HandlerGetHandleNameW proto stdcall :HANDLE, :DWORD, :HANDLE, :bool
HandlerEnumerateOpenHandles proto stdcall :DWORD, :LPVOID, :DWORD
HandlerGetHandleDetails proto stdcall :HANDLE, :DWORD, :HANDLE, :DWORD
HandlerCloseRemoteHandle proto stdcall :HANDLE, :HANDLE
HandlerEnumerateLockHandles proto stdcall :ptr SBYTE, :bool, :bool, :LPVOID, :DWORD
HandlerEnumerateLockHandlesW proto stdcall :ptr WORD, :bool, :bool, :LPVOID, :DWORD
HandlerCloseAllLockHandles proto stdcall :ptr SBYTE, :bool, :bool
HandlerCloseAllLockHandlesW proto stdcall :ptr WORD, :bool, :bool
HandlerIsFileLocked proto stdcall :ptr SBYTE, :bool, :bool
HandlerIsFileLockedW proto stdcall :ptr WORD, :bool, :bool
HandlerEnumerateOpenMutexes proto stdcall :HANDLE, :DWORD, :LPVOID, :DWORD
HandlerGetOpenMutexHandle proto stdcall :HANDLE, :DWORD, :ptr SBYTE
HandlerGetOpenMutexHandleW proto stdcall :HANDLE, :DWORD, :ptr WORD
HandlerGetProcessIdWhichCreatedMutex proto stdcall :ptr SBYTE
HandlerGetProcessIdWhichCreatedMutexW proto stdcall :ptr WORD
RemoteLoadLibrary proto stdcall :HANDLE, :ptr SBYTE, :bool
RemoteLoadLibraryW proto stdcall :HANDLE, :ptr WORD, :bool
RemoteFreeLibrary proto stdcall :HANDLE, :HMODULE, :ptr SBYTE, :bool
RemoteFreeLibraryW proto stdcall :HANDLE, :HMODULE, :ptr WORD, :bool
RemoteExitProcess proto stdcall :HANDLE, :DWORD
StaticFileLoad proto stdcall :ptr SBYTE, :DWORD, :bool, :LPHANDLE, :LPDWORD, :LPHANDLE, :ptr DWORD
StaticFileLoadW proto stdcall :ptr WORD, :DWORD, :bool, :LPHANDLE, :LPDWORD, :LPHANDLE, :ptr DWORD
StaticFileUnload proto stdcall :ptr SBYTE, :bool, :HANDLE, :DWORD, :HANDLE, :DWORD
StaticFileUnloadW proto stdcall :ptr WORD, :bool, :HANDLE, :DWORD, :HANDLE, :DWORD
StaticFileOpen proto stdcall :ptr SBYTE, :DWORD, :LPHANDLE, :LPDWORD, :LPDWORD
StaticFileOpenW proto stdcall :ptr WORD, :DWORD, :LPHANDLE, :LPDWORD, :LPDWORD
StaticFileGetContent proto stdcall :HANDLE, :DWORD, :LPDWORD, :ptr , :DWORD
StaticFileClose proto stdcall :HANDLE
StaticMemoryDecrypt proto stdcall :LPVOID, :DWORD, :DWORD, :DWORD, :DWORD
StaticMemoryDecryptEx proto stdcall :LPVOID, :DWORD, :DWORD, :ptr
StaticMemoryDecryptSpecial proto stdcall :LPVOID, :DWORD, :DWORD, :DWORD, :ptr
StaticSectionDecrypt proto stdcall :DWORD, :DWORD, :bool, :DWORD, :DWORD, :DWORD
StaticMemoryDecompress proto stdcall :ptr , :DWORD, :ptr , :DWORD, :DWORD
StaticRawMemoryCopy proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :bool, :ptr SBYTE
StaticRawMemoryCopyW proto stdcall :HANDLE, :DWORD, :DWORD, :DWORD, :bool, :ptr WORD
StaticRawMemoryCopyEx proto stdcall :HANDLE, :DWORD, :DWORD, :ptr SBYTE
StaticRawMemoryCopyExW proto stdcall :HANDLE, :DWORD, :DWORD, :ptr WORD
StaticHashMemory proto stdcall :ptr , :DWORD, :ptr , :bool, :DWORD
StaticHashFileW proto stdcall :ptr WORD, :ptr SBYTE, :bool, :DWORD
StaticHashFile proto stdcall :ptr SBYTE, :ptr SBYTE, :bool, :DWORD
EngineUnpackerInitialize proto stdcall :ptr SBYTE, :ptr SBYTE, :bool, :bool, :bool, :ptr
EngineUnpackerInitializeW proto stdcall :ptr WORD, :ptr WORD, :bool, :bool, :bool, :ptr
EngineUnpackerSetBreakCondition proto stdcall :ptr , :DWORD, :ptr , :DWORD, :DWORD, :DWORD, :bool, :DWORD, :DWORD
EngineUnpackerSetEntryPointAddress proto stdcall :DWORD
EngineUnpackerFinalizeUnpacking proto stdcall
SetEngineVariable proto stdcall :DWORD, :bool
EngineCreateMissingDependencies proto stdcall :ptr SBYTE, :ptr SBYTE, :bool
EngineCreateMissingDependenciesW proto stdcall :ptr WORD, :ptr WORD, :bool
EngineFakeMissingDependencies proto stdcall :HANDLE
EngineDeleteCreatedDependencies proto stdcall
EngineCreateUnpackerWindow proto stdcall :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :ptr SBYTE, :ptr
EngineAddUnpackerWindowLogMessage proto stdcall :ptr SBYTE
ExtensionManagerIsPluginLoaded proto stdcall :ptr SBYTE
ExtensionManagerIsPluginEnabled proto stdcall :ptr SBYTE
ExtensionManagerDisableAllPlugins proto stdcall
ExtensionManagerDisablePlugin proto stdcall :ptr SBYTE
ExtensionManagerEnableAllPlugins proto stdcall
ExtensionManagerEnablePlugin proto stdcall :ptr SBYTE
ExtensionManagerUnloadAllPlugins proto stdcall
ExtensionManagerUnloadPlugin proto stdcall :ptr SBYTE
ExtensionManagerGetPluginInfo proto stdcall :ptr SBYTE
;--- errors: 0
;--- end of file ---

1398
SDK/Python/TitanEngine.py
View File

File diff suppressed because it is too large Load Diff

6
TitanEngine/TitanEngine.vcxproj
View File

@ -297,8 +297,6 @@
<ClCompile Include="TitanEngine.TranslateName.cpp" /> <ClCompile Include="TitanEngine.TranslateName.cpp" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="..\SDK\CPP\TitanEngine.h" />
<ClInclude Include="..\SDK\CPP\TitanEngine.hpp" />
<ClInclude Include="..\SDK\C\TitanEngine.h" /> <ClInclude Include="..\SDK\C\TitanEngine.h" />
<ClInclude Include="aplib.h" /> <ClInclude Include="aplib.h" />
<ClInclude Include="definitions.h" /> <ClInclude Include="definitions.h" />
@ -336,10 +334,6 @@
<ResourceCompile Include="TitanEngine.rc" /> <ResourceCompile Include="TitanEngine.rc" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<None Include="..\SDK\Delphi\TitanEngine.pas" />
<None Include="..\SDK\LUA\TitanEngine.lua" />
<None Include="..\SDK\MASM\TitanEngine.INC" />
<None Include="..\SDK\Python\TitanEngine.py" />
<None Include="..\TitanEngineLoaders\LibraryLoader\x32\LibraryLoader.exe" /> <None Include="..\TitanEngineLoaders\LibraryLoader\x32\LibraryLoader.exe" />
<None Include="..\TitanEngineLoaders\LibraryLoader\x64\LibraryLoader.exe" /> <None Include="..\TitanEngineLoaders\LibraryLoader\x64\LibraryLoader.exe" />
<None Include="Global.Engine.Hash.h" /> <None Include="Global.Engine.Hash.h" />

33
TitanEngine/TitanEngine.vcxproj.filters
View File

@ -37,21 +37,6 @@
<Filter Include="Header Files\SDK\C"> <Filter Include="Header Files\SDK\C">
<UniqueIdentifier>{2efe2f1a-4ee7-4249-a67c-c51a63aa8f0d}</UniqueIdentifier> <UniqueIdentifier>{2efe2f1a-4ee7-4249-a67c-c51a63aa8f0d}</UniqueIdentifier>
</Filter> </Filter>
<Filter Include="Header Files\SDK\CPP">
<UniqueIdentifier>{a1fcc566-fbcf-45e0-a99e-0dc7c8f1f3b1}</UniqueIdentifier>
</Filter>
<Filter Include="Header Files\SDK\Delphi">
<UniqueIdentifier>{6ead5e95-3e59-431b-a190-f031c0195a6c}</UniqueIdentifier>
</Filter>
<Filter Include="Header Files\SDK\LUA">
<UniqueIdentifier>{4f08d968-e800-4208-b62a-147d69620060}</UniqueIdentifier>
</Filter>
<Filter Include="Header Files\SDK\MASM">
<UniqueIdentifier>{1012361d-2057-4706-9c0f-e864e2c7a7c5}</UniqueIdentifier>
</Filter>
<Filter Include="Header Files\SDK\Python">
<UniqueIdentifier>{a7ccfa4b-cc58-4f5f-88a1-35d65ab8b5a9}</UniqueIdentifier>
</Filter>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClCompile Include="stdafx.cpp"> <ClCompile Include="stdafx.cpp">
@ -332,12 +317,6 @@
<ClInclude Include="..\SDK\C\TitanEngine.h"> <ClInclude Include="..\SDK\C\TitanEngine.h">
<Filter>Header Files\SDK\C</Filter> <Filter>Header Files\SDK\C</Filter>
</ClInclude> </ClInclude>
<ClInclude Include="..\SDK\CPP\TitanEngine.h">
<Filter>Header Files\SDK\CPP</Filter>
</ClInclude>
<ClInclude Include="..\SDK\CPP\TitanEngine.hpp">
<Filter>Header Files\SDK\CPP</Filter>
</ClInclude>
<ClInclude Include="Global.Engine.Context.h"> <ClInclude Include="Global.Engine.Context.h">
<Filter>Header Files\TitanEngine</Filter> <Filter>Header Files\TitanEngine</Filter>
</ClInclude> </ClInclude>
@ -363,17 +342,5 @@
<None Include="Global.Engine.Hash.h"> <None Include="Global.Engine.Hash.h">
<Filter>Header Files\TitanEngine</Filter> <Filter>Header Files\TitanEngine</Filter>
</None> </None>
<None Include="..\SDK\Delphi\TitanEngine.pas">
<Filter>Header Files\SDK\Delphi</Filter>
</None>
<None Include="..\SDK\LUA\TitanEngine.lua">
<Filter>Header Files\SDK\LUA</Filter>
</None>
<None Include="..\SDK\MASM\TitanEngine.INC">
<Filter>Header Files\SDK\MASM</Filter>
</None>
<None Include="..\SDK\Python\TitanEngine.py">
<Filter>Header Files\SDK\Python</Filter>
</None>
</ItemGroup> </ItemGroup>
</Project> </Project>