first commit

.gitignore

@@ -0,0 +1,9 @@
+/ipch
+/TitanEngine/bin
+/TitanEngine/obj
+/TitanEngine/x64
+/TitanEngine/Release
+*.layout
+*.depend
+*.sdf
+*.suo

TitanEngine.sln

@@ -0,0 +1,26 @@
+
+Microsoft Visual Studio Solution File, Format Version 11.00
+# Visual Studio 2010
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TitanEngine", "TitanEngine\TitanEngine.vcxproj", "{9C7B8246-FDDA-48C7-9634-044969701E40}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Debug|x64 = Debug|x64
+		Release|Win32 = Release|Win32
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Debug|Win32.ActiveCfg = Debug|Win32
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Debug|Win32.Build.0 = Debug|Win32
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Debug|x64.ActiveCfg = Debug|x64
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Debug|x64.Build.0 = Debug|x64
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Release|Win32.ActiveCfg = Release|Win32
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Release|Win32.Build.0 = Release|Win32
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Release|x64.ActiveCfg = Release|x64
+		{9C7B8246-FDDA-48C7-9634-044969701E40}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

TitanEngine/LzmaDec.h

@@ -0,0 +1,223 @@
+/* LzmaDec.h -- LZMA Decoder
+2008-10-04 : Igor Pavlov : Public domain */
+
+#ifndef __LZMADEC_H
+#define __LZMADEC_H
+
+#include "LzmaTypes.h"
+
+/* #define _LZMA_PROB32 */
+/* _LZMA_PROB32 can increase the speed on some CPUs,
+   but memory usage for CLzmaDec::probs will be doubled in that case */
+
+#ifdef _LZMA_PROB32
+#define CLzmaProb UInt32
+#else
+#define CLzmaProb UInt16
+#endif
+
+
+/* ---------- LZMA Properties ---------- */
+
+#define LZMA_PROPS_SIZE 5
+
+typedef struct _CLzmaProps
+{
+  unsigned lc, lp, pb;
+  UInt32 dicSize;
+} CLzmaProps;
+
+/* LzmaProps_Decode - decodes properties
+Returns:
+  SZ_OK
+  SZ_ERROR_UNSUPPORTED - Unsupported properties
+*/
+
+SRes LzmaProps_Decode(CLzmaProps *p, const Byte *data, unsigned size);
+
+
+/* ---------- LZMA Decoder state ---------- */
+
+/* LZMA_REQUIRED_INPUT_MAX = number of required input bytes for worst case.
+   Num bits = log2((2^11 / 31) ^ 22) + 26 < 134 + 26 = 160; */
+
+#define LZMA_REQUIRED_INPUT_MAX 20
+
+typedef struct
+{
+  CLzmaProps prop;
+  CLzmaProb *probs;
+  Byte *dic;
+  const Byte *buf;
+  UInt32 range, code;
+  SizeT dicPos;
+  SizeT dicBufSize;
+  UInt32 processedPos;
+  UInt32 checkDicSize;
+  unsigned state;
+  UInt32 reps[4];
+  unsigned remainLen;
+  int needFlush;
+  int needInitState;
+  UInt32 numProbs;
+  unsigned tempBufSize;
+  Byte tempBuf[LZMA_REQUIRED_INPUT_MAX];
+} CLzmaDec;
+
+#define LzmaDec_Construct(p) { (p)->dic = 0; (p)->probs = 0; }
+
+void LzmaDec_Init(CLzmaDec *p);
+
+/* There are two types of LZMA streams:
+     0) Stream with end mark. That end mark adds about 6 bytes to compressed size.
+     1) Stream without end mark. You must know exact uncompressed size to decompress such stream. */
+
+typedef enum
+{
+  LZMA_FINISH_ANY,   /* finish at any point */
+  LZMA_FINISH_END    /* block must be finished at the end */
+} ELzmaFinishMode;
+
+/* ELzmaFinishMode has meaning only if the decoding reaches output limit !!!
+
+   You must use LZMA_FINISH_END, when you know that current output buffer
+   covers last bytes of block. In other cases you must use LZMA_FINISH_ANY.
+
+   If LZMA decoder sees end marker before reaching output limit, it returns SZ_OK,
+   and output value of destLen will be less than output buffer size limit.
+   You can check status result also.
+
+   You can use multiple checks to test data integrity after full decompression:
+     1) Check Result and "status" variable.
+     2) Check that output(destLen) = uncompressedSize, if you know real uncompressedSize.
+     3) Check that output(srcLen) = compressedSize, if you know real compressedSize.
+        You must use correct finish mode in that case. */
+
+typedef enum
+{
+  LZMA_STATUS_NOT_SPECIFIED,               /* use main error code instead */
+  LZMA_STATUS_FINISHED_WITH_MARK,          /* stream was finished with end mark. */
+  LZMA_STATUS_NOT_FINISHED,                /* stream was not finished */
+  LZMA_STATUS_NEEDS_MORE_INPUT,            /* you must provide more input bytes */
+  LZMA_STATUS_MAYBE_FINISHED_WITHOUT_MARK  /* there is probability that stream was finished without end mark */
+} ELzmaStatus;
+
+/* ELzmaStatus is used only as output value for function call */
+
+
+/* ---------- Interfaces ---------- */
+
+/* There are 3 levels of interfaces:
+     1) Dictionary Interface
+     2) Buffer Interface
+     3) One Call Interface
+   You can select any of these interfaces, but don't mix functions from different
+   groups for same object. */
+
+
+/* There are two variants to allocate state for Dictionary Interface:
+     1) LzmaDec_Allocate / LzmaDec_Free
+     2) LzmaDec_AllocateProbs / LzmaDec_FreeProbs
+   You can use variant 2, if you set dictionary buffer manually.
+   For Buffer Interface you must always use variant 1.
+
+LzmaDec_Allocate* can return:
+  SZ_OK
+  SZ_ERROR_MEM         - Memory allocation error
+  SZ_ERROR_UNSUPPORTED - Unsupported properties
+*/
+   
+SRes LzmaDec_AllocateProbs(CLzmaDec *p, const Byte *props, unsigned propsSize, ISzAlloc *alloc);
+void LzmaDec_FreeProbs(CLzmaDec *p, ISzAlloc *alloc);
+
+SRes LzmaDec_Allocate(CLzmaDec *state, const Byte *prop, unsigned propsSize, ISzAlloc *alloc);
+void LzmaDec_Free(CLzmaDec *state, ISzAlloc *alloc);
+
+/* ---------- Dictionary Interface ---------- */
+
+/* You can use it, if you want to eliminate the overhead for data copying from
+   dictionary to some other external buffer.
+   You must work with CLzmaDec variables directly in this interface.
+
+   STEPS:
+     LzmaDec_Constr()
+     LzmaDec_Allocate()
+     for (each new stream)
+     {
+       LzmaDec_Init()
+       while (it needs more decompression)
+       {
+         LzmaDec_DecodeToDic()
+         use data from CLzmaDec::dic and update CLzmaDec::dicPos
+       }
+     }
+     LzmaDec_Free()
+*/
+
+/* LzmaDec_DecodeToDic
+   
+   The decoding to internal dictionary buffer (CLzmaDec::dic).
+   You must manually update CLzmaDec::dicPos, if it reaches CLzmaDec::dicBufSize !!!
+
+finishMode:
+  It has meaning only if the decoding reaches output limit (dicLimit).
+  LZMA_FINISH_ANY - Decode just dicLimit bytes.
+  LZMA_FINISH_END - Stream must be finished after dicLimit.
+
+Returns:
+  SZ_OK
+    status:
+      LZMA_STATUS_FINISHED_WITH_MARK
+      LZMA_STATUS_NOT_FINISHED
+      LZMA_STATUS_NEEDS_MORE_INPUT
+      LZMA_STATUS_MAYBE_FINISHED_WITHOUT_MARK
+  SZ_ERROR_DATA - Data error
+*/
+
+SRes LzmaDec_DecodeToDic(CLzmaDec *p, SizeT dicLimit,
+    const Byte *src, SizeT *srcLen, ELzmaFinishMode finishMode, ELzmaStatus *status);
+
+
+/* ---------- Buffer Interface ---------- */
+
+/* It's zlib-like interface.
+   See LzmaDec_DecodeToDic description for information about STEPS and return results,
+   but you must use LzmaDec_DecodeToBuf instead of LzmaDec_DecodeToDic and you don't need
+   to work with CLzmaDec variables manually.
+
+finishMode:
+  It has meaning only if the decoding reaches output limit (*destLen).
+  LZMA_FINISH_ANY - Decode just destLen bytes.
+  LZMA_FINISH_END - Stream must be finished after (*destLen).
+*/
+
+SRes LzmaDec_DecodeToBuf(CLzmaDec *p, Byte *dest, SizeT *destLen,
+    const Byte *src, SizeT *srcLen, ELzmaFinishMode finishMode, ELzmaStatus *status);
+
+
+/* ---------- One Call Interface ---------- */
+
+/* LzmaDecode
+
+finishMode:
+  It has meaning only if the decoding reaches output limit (*destLen).
+  LZMA_FINISH_ANY - Decode just destLen bytes.
+  LZMA_FINISH_END - Stream must be finished after (*destLen).
+
+Returns:
+  SZ_OK
+    status:
+      LZMA_STATUS_FINISHED_WITH_MARK
+      LZMA_STATUS_NOT_FINISHED
+      LZMA_STATUS_MAYBE_FINISHED_WITHOUT_MARK
+  SZ_ERROR_DATA - Data error
+  SZ_ERROR_MEM  - Memory allocation error
+  SZ_ERROR_UNSUPPORTED - Unsupported properties
+  SZ_ERROR_INPUT_EOF - It needs more bytes in input buffer (src).
+*/
+
+SRes LzmaDecode(Byte *dest, SizeT *destLen, const Byte *src, SizeT *srcLen,
+    const Byte *propData, unsigned propSize, ELzmaFinishMode finishMode,
+    ELzmaStatus *status, ISzAlloc *alloc);
+
+#endif

TitanEngine/LzmaTypes.h

@@ -0,0 +1,211 @@
+/* Types.h -- Basic types
+2008-11-23 : Igor Pavlov : Public domain */
+
+#ifndef __7Z_TYPES_H
+#define __7Z_TYPES_H
+
+#include <stddef.h>
+
+#ifdef _WIN32
+#include <windows.h>
+#endif
+
+#define SZ_OK 0
+
+#define SZ_ERROR_DATA 1
+#define SZ_ERROR_MEM 2
+#define SZ_ERROR_CRC 3
+#define SZ_ERROR_UNSUPPORTED 4
+#define SZ_ERROR_PARAM 5
+#define SZ_ERROR_INPUT_EOF 6
+#define SZ_ERROR_OUTPUT_EOF 7
+#define SZ_ERROR_READ 8
+#define SZ_ERROR_WRITE 9
+#define SZ_ERROR_PROGRESS 10
+#define SZ_ERROR_FAIL 11
+#define SZ_ERROR_THREAD 12
+
+#define SZ_ERROR_ARCHIVE 16
+#define SZ_ERROR_NO_ARCHIVE 17
+
+typedef int SRes;
+
+#ifdef _WIN32
+typedef DWORD WRes;
+#else
+typedef int WRes;
+#endif
+
+#ifndef RINOK
+#define RINOK(x) { int __result__ = (x); if (__result__ != 0) return __result__; }
+#endif
+
+typedef unsigned char Byte;
+typedef short Int16;
+typedef unsigned short UInt16;
+
+#ifdef _LZMA_UINT32_IS_ULONG
+typedef long Int32;
+typedef unsigned long UInt32;
+#else
+typedef int Int32;
+typedef unsigned int UInt32;
+#endif
+
+#ifdef _SZ_NO_INT_64
+
+/* define _SZ_NO_INT_64, if your compiler doesn't support 64-bit integers.
+   NOTES: Some code will work incorrectly in that case! */
+
+typedef long Int64;
+typedef unsigned long UInt64;
+
+#else
+
+#if defined(_MSC_VER) || defined(__BORLANDC__)
+typedef __int64 Int64;
+typedef unsigned __int64 UInt64;
+#else
+typedef long long int Int64;
+typedef unsigned long long int UInt64;
+#endif
+
+#endif
+
+#ifdef _LZMA_NO_SYSTEM_SIZE_T
+typedef UInt32 SizeT;
+#else
+typedef size_t SizeT;
+#endif
+
+typedef int Bool;
+#define True 1
+#define False 0
+
+
+#ifdef _MSC_VER
+
+#if _MSC_VER >= 1300
+#define MY_NO_INLINE __declspec(noinline)
+#else
+#define MY_NO_INLINE
+#endif
+
+#define MY_CDECL __cdecl
+#define MY_STD_CALL __stdcall
+#define MY_FAST_CALL MY_NO_INLINE __fastcall
+
+#else
+
+#define MY_CDECL
+#define MY_STD_CALL
+#define MY_FAST_CALL
+
+#endif
+
+
+/* The following interfaces use first parameter as pointer to structure */
+
+typedef struct
+{
+  SRes (*Read)(void *p, void *buf, size_t *size);
+    /* if (input(*size) != 0 && output(*size) == 0) means end_of_stream.
+       (output(*size) < input(*size)) is allowed */
+} ISeqInStream;
+
+/* it can return SZ_ERROR_INPUT_EOF */
+SRes SeqInStream_Read(ISeqInStream *stream, void *buf, size_t size);
+SRes SeqInStream_Read2(ISeqInStream *stream, void *buf, size_t size, SRes errorType);
+SRes SeqInStream_ReadByte(ISeqInStream *stream, Byte *buf);
+
+typedef struct
+{
+  size_t (*Write)(void *p, const void *buf, size_t size);
+    /* Returns: result - the number of actually written bytes.
+       (result < size) means error */
+} ISeqOutStream;
+
+typedef enum
+{
+  SZ_SEEK_SET = 0,
+  SZ_SEEK_CUR = 1,
+  SZ_SEEK_END = 2
+} ESzSeek;
+
+typedef struct
+{
+  SRes (*Read)(void *p, void *buf, size_t *size);  /* same as ISeqInStream::Read */
+  SRes (*Seek)(void *p, Int64 *pos, ESzSeek origin);
+} ISeekInStream;
+
+typedef struct
+{
+  SRes (*Look)(void *p, void **buf, size_t *size);
+    /* if (input(*size) != 0 && output(*size) == 0) means end_of_stream.
+       (output(*size) > input(*size)) is not allowed
+       (output(*size) < input(*size)) is allowed */
+  SRes (*Skip)(void *p, size_t offset);
+    /* offset must be <= output(*size) of Look */
+
+  SRes (*Read)(void *p, void *buf, size_t *size);
+    /* reads directly (without buffer). It's same as ISeqInStream::Read */
+  SRes (*Seek)(void *p, Int64 *pos, ESzSeek origin);
+} ILookInStream;
+
+SRes LookInStream_LookRead(ILookInStream *stream, void *buf, size_t *size);
+SRes LookInStream_SeekTo(ILookInStream *stream, UInt64 offset);
+
+/* reads via ILookInStream::Read */
+SRes LookInStream_Read2(ILookInStream *stream, void *buf, size_t size, SRes errorType);
+SRes LookInStream_Read(ILookInStream *stream, void *buf, size_t size);
+
+#define LookToRead_BUF_SIZE (1 << 14)
+
+typedef struct
+{
+  ILookInStream s;
+  ISeekInStream *realStream;
+  size_t pos;
+  size_t size;
+  Byte buf[LookToRead_BUF_SIZE];
+} CLookToRead;
+
+void LookToRead_CreateVTable(CLookToRead *p, int lookahead);
+void LookToRead_Init(CLookToRead *p);
+
+typedef struct
+{
+  ISeqInStream s;
+  ILookInStream *realStream;
+} CSecToLook;
+
+void SecToLook_CreateVTable(CSecToLook *p);
+
+typedef struct
+{
+  ISeqInStream s;
+  ILookInStream *realStream;
+} CSecToRead;
+
+void SecToRead_CreateVTable(CSecToRead *p);
+
+typedef struct
+{
+  SRes (*Progress)(void *p, UInt64 inSize, UInt64 outSize);
+    /* Returns: result. (result != SZ_OK) means break.
+       Value (UInt64)(Int64)-1 for size means unknown value. */
+} ICompressProgress;
+
+typedef struct
+{
+  void *(*Alloc)(void *p, size_t size);
+  void (*Free)(void *p, void *address); /* address can be 0 */
+} ISzAlloc;
+
+#define IAlloc_Alloc(p, size) (p)->Alloc((p), size)
+#define IAlloc_Free(p, a) (p)->Free((p), a)
+
+void* LzmaAllocMem(void *p, size_t size);
+void LzmaFreeMem(void *p, void *address);
+
+#endif

TitanEngine/ReadMe.txt

@@ -0,0 +1,41 @@
+========================================================================
+    DYNAMIC LINK LIBRARY : UnpackerEngine Project Overview
+========================================================================
+
+AppWizard has created this UnpackerEngine DLL for you.
+
+This file contains a summary of what you will find in each of the files that
+make up your UnpackerEngine application.
+
+
+UnpackerEngine.vcproj
+    This is the main project file for VC++ projects generated using an Application Wizard.
+    It contains information about the version of Visual C++ that generated the file, and
+    information about the platforms, configurations, and project features selected with the
+    Application Wizard.
+
+UnpackerEngine.cpp
+    This is the main DLL source file.
+
+	When created, this DLL does not export any symbols. As a result, it
+	will not produce a .lib file when it is built. If you wish this project
+	to be a project dependency of some other project, you will either need to
+	add code to export some symbols from the DLL so that an export library
+	will be produced, or you can set the Ignore Input Library property to Yes
+	on the General propert page of the Linker folder in the project's Property
+	Pages dialog box.
+
+/////////////////////////////////////////////////////////////////////////////
+Other standard files:
+
+StdAfx.h, StdAfx.cpp
+    These files are used to build a precompiled header (PCH) file
+    named UnpackerEngine.pch and a precompiled types file named StdAfx.obj.
+
+/////////////////////////////////////////////////////////////////////////////
+Other notes:
+
+AppWizard uses "TODO:" comments to indicate parts of the source code you
+should add to or customize.
+
+/////////////////////////////////////////////////////////////////////////////

TitanEngine/TitanEngine.cbp

@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
+<CodeBlocks_project_file>
+	<FileVersion major="1" minor="6" />
+	<Project>
+		<Option title="TitanEngine" />
+		<Option pch_mode="2" />
+		<Option compiler="msvc10" />
+		<Build>
+			<Target title="x64">
+				<Option output="bin/x64/TitanEngine" imp_lib="$(TARGET_OUTPUT_DIR)$(TARGET_OUTPUT_BASENAME).a" def_file="$(TARGET_OUTPUT_DIR)$(TARGET_OUTPUT_BASENAME).def" prefix_auto="1" extension_auto="1" />
+				<Option object_output="obj/x64" />
+				<Option type="3" />
+				<Option compiler="microsoft_visual_c_2010_x64" />
+				<Option createDefFile="1" />
+				<Option createStaticLib="1" />
+				<Compiler>
+					<Add option="/DWIN32" />
+					<Add option="/DNDEBUG" />
+					<Add option="/D_WINDOWS" />
+					<Add option="/D_USRDLL" />
+					<Add option="/DUNPACKERENGINE_EXPORTS" />
+				</Compiler>
+				<Linker>
+					<Add library="C:\CodeBlocks\TitanEngine\Source\TitanEngine\TitanEngine\distorm_x64.lib" />
+					<Add library="Imagehlp.lib" />
+					<Add library="psapi.lib" />
+				</Linker>
+			</Target>
+			<Target title="x32">
+				<Option output="bin/x32/TitanEngine" imp_lib="$(TARGET_OUTPUT_DIR)$(TARGET_OUTPUT_BASENAME).a" def_file="$(TARGET_OUTPUT_DIR)$(TARGET_OUTPUT_BASENAME).def" prefix_auto="1" extension_auto="1" />
+				<Option object_output="obj/x32" />
+				<Option type="3" />
+				<Option compiler="msvc10" />
+				<Option createDefFile="1" />
+				<Option createStaticLib="1" />
+				<Compiler>
+					<Add option="/DWIN32" />
+					<Add option="/DNDEBUG" />
+					<Add option="/D_WINDOWS" />
+					<Add option="/D_USRDLL" />
+					<Add option="/DUNPACKERENGINE_EXPORTS" />
+				</Compiler>
+				<Linker>
+					<Add library="C:\CodeBlocks\TitanEngine\Source\TitanEngine\TitanEngine\distorm_x86.lib" />
+					<Add library="Imagehlp.lib" />
+					<Add library="psapi.lib" />
+				</Linker>
+			</Target>
+		</Build>
+		<Linker>
+			<Add library="user32" />
+			<Add library="advapi32" />
+			<Add library="comdlg32" />
+			<Add library="shell32" />
+		</Linker>
+		<Unit filename="LzmaDec.cpp" />
+		<Unit filename="TitanEngine.cpp" />
+		<Unit filename="TitanEngine.rc">
+			<Option compilerVar="WINDRES" />
+		</Unit>
+		<Unit filename="dllmain.cpp" />
+		<Unit filename="resource.h" />
+		<Unit filename="stdafx.cpp" />
+		<Unit filename="stdafx.h" />
+		<Unit filename="targetver.h" />
+		<Extensions>
+			<code_completion />
+			<envvars />
+			<debugger />
+		</Extensions>
+	</Project>
+</CodeBlocks_project_file>

TitanEngine/TitanEngine.def

@@ -0,0 +1,407 @@
+LIBRARY "TitanEngine"
+EXPORTS
+DumpProcess
+DumpProcessW
+DumpProcessEx
+DumpProcessExW
+DumpMemory
+DumpMemoryW
+DumpMemoryEx
+DumpMemoryExW
+DumpRegions
+DumpRegionsW
+DumpRegionsEx
+DumpRegionsExW
+DumpModule
+DumpModuleW
+DumpModuleEx
+DumpModuleExW
+PastePEHeader
+PastePEHeaderW
+ExtractSection
+ExtractSectionW
+ResortFileSections
+ResortFileSectionsW
+FindOverlay
+FindOverlayW
+ExtractOverlay
+ExtractOverlayW
+AddOverlay
+AddOverlayW
+CopyOverlay
+CopyOverlayW
+RemoveOverlay
+RemoveOverlayW
+MakeAllSectionsRWE
+MakeAllSectionsRWEW
+AddNewSection
+AddNewSectionW
+AddNewSectionEx
+AddNewSectionExW
+ResizeLastSection
+ResizeLastSectionW
+SetSharedOverlay
+SetSharedOverlayW
+GetSharedOverlay
+GetSharedOverlayW
+DeleteLastSection
+DeleteLastSectionW
+DeleteLastSectionEx
+DeleteLastSectionExW
+GetPE32SectionNumberFromVA
+ConvertVAtoFileOffset
+ConvertVAtoFileOffsetEx
+ConvertFileOffsetToVA
+ConvertFileOffsetToVAEx
+GetPE32Data
+GetPE32DataW
+GetPE32DataFromMappedFile
+GetPE32DataEx
+GetPE32DataExW
+GetPE32DataFromMappedFileEx
+SetPE32Data
+SetPE32DataW
+SetPE32DataForMappedFile
+SetPE32DataEx
+SetPE32DataExW
+SetPE32DataForMappedFileEx
+IsFileDLL
+IsFileDLLW
+WipeSection
+WipeSectionW
+RealignPE
+RealignPEEx
+RealignPEExW
+IsPE32FileValidEx
+IsPE32FileValidExW
+FixBrokenPE32FileEx
+FixBrokenPE32FileExW
+FixHeaderCheckSum
+FixHeaderCheckSumW
+InitDebug
+InitDebugW
+InitDebugEx
+InitDebugExW
+InitDLLDebug
+InitDLLDebugW
+StopDebug
+SetBPXOptions
+IsBPXEnabled
+SetBPX
+SetBPXEx
+DisableBPX
+EnableBPX
+DeleteBPX
+SafeDeleteBPX
+RemoveAllBreakPoints
+SetMemoryBPX
+SetMemoryBPXEx
+RemoveMemoryBPX
+SetAPIBreakPoint
+DeleteAPIBreakPoint
+SafeDeleteAPIBreakPoint
+GetContextData
+GetContextDataEx
+GetContextFPUDataEx
+SetContextData
+SetContextDataEx
+SetContextFPUDataEx
+ClearExceptionNumber
+CurrentExceptionNumber
+StaticLengthDisassemble
+LengthDisassemble
+LengthDisassembleEx
+StaticDisassemble
+StaticDisassembleEx
+DisassembleEx
+Disassemble
+MatchPatternEx
+MatchPattern
+FindEx
+Find
+FillEx
+Fill
+PatchEx
+Patch
+ReplaceEx
+Replace
+GetDebugData
+GetTerminationData
+GetExitCode
+SetCustomHandler
+ForceClose
+SetNextDbgContinueStatus
+DebugLoop
+DebugLoopEx
+StepInto
+StepOver
+SingleStep
+SetHardwareBreakPoint
+SetHardwareBreakPointEx
+GetUnusedHardwareBreakPointRegister
+DeleteHardwareBreakPoint
+AttachDebugger
+DetachDebugger
+DetachDebuggerEx
+GetDebuggedDLLBaseAddress
+GetDebuggedFileBaseAddress
+GetRemoteString
+GetFunctionParameter
+GetJumpDestination
+GetJumpDestinationEx
+IsJumpGoingToExecuteEx
+IsJumpGoingToExecute
+SetDebugLoopTimeOut
+GetProcessInformation
+GetStartupInformation
+AutoDebugEx
+AutoDebugExW
+IsFileBeingDebugged
+SetErrorModel
+ImporterInit
+ImporterAddNewDll
+ImporterAddNewAPI
+ImporterAddNewOrdinalAPI
+ImporterExportIAT
+ImporterExportIATEx
+ImporterExportIATExW
+ImporterEstimatedSize
+ImporterSetImageBase
+ImporterSetUnknownDelta
+ImporterGetCurrentDelta
+ImporterCleanup
+ImporterGetAddedDllCount
+ImporterGetAddedAPICount
+ImporterGetLastAddedDLLName
+ImporterMoveIAT
+ImporterFindAPIWriteLocation
+ImporterFindOrdinalAPIWriteLocation
+ImporterFindAPIByWriteLocation
+ImporterFindDLLByWriteLocation
+ImporterGetDLLName
+ImporterGetAPIName
+ImporterGetAPINameEx
+ImporterGetAPIOrdinalNumber
+ImporterGetRemoteAPIAddress
+ImporterGetRemoteAPIAddressEx
+ImporterGetLocalAPIAddress
+ImporterGetDLLNameFromDebugee
+ImporterGetAPINameFromDebugee
+ImporterGetAPIOrdinalNumberFromDebugee
+ImporterGetDLLIndexEx
+ImporterGetDLLIndex
+ImporterGetRemoteDLLBase
+ImporterGetRemoteDLLBaseEx
+ImporterRelocateWriteLocation
+ImporterIsForwardedAPI
+ImporterAutoSearchIAT
+ImporterAutoSearchIATW
+ImporterAutoSearchIATEx
+ImporterAutoFixIATEx
+ImporterAutoFixIATExW
+ImporterAutoFixIAT
+ImporterAutoFixIATW
+ImporterIsForwardedAPI
+ImporterGetForwardedAPIName
+ImporterGetForwardedDLLName
+ImporterGetForwardedDLLIndex
+ImporterGetForwardedAPIOrdinalNumber
+ImporterGetNearestAPIAddress
+ImporterGetNearestAPIName
+ImporterCopyOriginalIAT
+ImporterCopyOriginalIATW
+ImporterLoadImportTable
+ImporterLoadImportTableW
+ImporterMoveOriginalIAT
+ImporterMoveOriginalIATW
+ImporterEnumAddedData
+HooksSafeTransition
+HooksSafeTransitionEx
+HooksIsAddressRedirected
+HooksGetTrampolineAddress
+HooksGetHookEntryDetails
+HooksInsertNewRedirection
+HooksInsertNewIATRedirection
+HooksInsertNewIATRedirectionEx
+HooksRemoveRedirection
+HooksRemoveRedirectionsForModule
+HooksRemoveIATRedirection
+HooksDisableRedirection
+HooksDisableRedirectionsForModule
+HooksDisableIATRedirection
+HooksEnableRedirection
+HooksEnableRedirectionsForModule
+HooksEnableIATRedirection
+HooksScanModuleMemory
+HooksScanEntireProcessMemory
+HooksScanEntireProcessMemoryEx
+GetPEBLocation
+HideDebugger
+UnHideDebugger
+RelocaterInit
+RelocaterCleanup
+RelocaterAddNewRelocation
+RelocaterEstimatedSize
+RelocaterExportRelocation
+RelocaterExportRelocationEx
+RelocaterExportRelocationExW
+RelocaterGrabRelocationTable
+RelocaterGrabRelocationTableEx
+RelocaterMakeSnapshot
+RelocaterMakeSnapshotW
+RelocaterCompareTwoSnapshots
+RelocaterCompareTwoSnapshotsW
+RelocaterChangeFileBase
+RelocaterChangeFileBaseW
+RelocaterRelocateMemoryBlock
+RelocaterWipeRelocationTable
+RelocaterWipeRelocationTableW
+ExporterInit
+ExporterCleanup
+ExporterSetImageBase
+ExporterAddNewExport
+ExporterAddNewOrdinalExport
+ExporterGetAddedExportCount
+ExporterEstimatedSize
+ExporterBuildExportTable
+ExporterBuildExportTableEx
+ExporterBuildExportTableExW
+ExporterLoadExportTable
+ExporterLoadExportTableW
+LibrarianSetBreakPoint
+LibrarianRemoveBreakPoint
+LibrarianGetLibraryInfo
+LibrarianGetLibraryInfoW
+LibrarianGetLibraryInfoEx
+LibrarianGetLibraryInfoExW
+LibrarianEnumLibraryInfo
+LibrarianEnumLibraryInfoW
+SetEngineVariable
+TLSRemoveCallback
+TLSRemoveCallbackW
+TLSRemoveTable
+TLSRemoveTableW
+TLSBuildNewTable
+TLSBuildNewTableEx
+TLSBuildNewTableExW
+TLSGrabCallBackData
+TLSGrabCallBackDataW
+TLSBackupData
+TLSBackupDataW
+TLSRestoreData
+TLSBreakOnCallBack
+TLSBreakOnCallBackEx
+TLSBreakOnCallBackExW
+ResourcerLoadFileForResourceUse
+ResourcerLoadFileForResourceUseW
+ResourcerFreeLoadedFile
+ResourcerExtractResourceFromFileEx
+ResourcerExtractResourceFromFile
+ResourcerExtractResourceFromFileW
+ResourcerEnumerateResource
+ResourcerEnumerateResourceW
+ResourcerEnumerateResourceEx
+ResourcerFindResource
+ResourcerFindResourceW
+ResourcerFindResourceEx
+TracerInit
+TracerLevel1
+HashTracerLevel1
+TracerDetectRedirection
+TracerFixKnownRedirection
+TracerFixRedirectionViaImpRecPlugin
+ThreaderImportRunningThreadData
+ThreaderEnumThreadInfo
+ThreaderGetThreadInfo
+ThreaderPauseThread
+ThreaderResumeThread
+ThreaderTerminateThread
+ThreaderPauseAllThreads
+ThreaderResumeAllThreads
+ThreaderPauseProcess
+ThreaderResumeProcess
+ThreaderCreateRemoteThread
+ThreaderCreateRemoteThreadEx
+ThreaderInjectAndExecuteCode
+ThreaderInjectAndExecuteCodeEx
+ThreaderSetCallBackForNextExitThreadEvent
+ThreaderIsExceptionInMainThread
+ThreaderIsThreadStillRunning
+ThreaderIsThreadActive
+ThreaderIsAnyThreadActive
+ThreaderExecuteOnlyInjectedThreads
+ThreaderGetOpenHandleForThread
+ThreaderGetThreadData
+StaticFileLoad
+StaticFileLoadW
+StaticFileUnload
+StaticFileUnloadW
+StaticFileOpen
+StaticFileOpenW
+StaticFileGetContent
+StaticFileClose
+StaticMemoryDecrypt
+StaticMemoryDecryptEx
+StaticMemoryDecryptSpecial
+StaticSectionDecrypt
+StaticMemoryDecompress
+StaticRawMemoryCopyW
+StaticRawMemoryCopy
+StaticRawMemoryCopyEx
+StaticRawMemoryCopyExW
+StaticRawMemoryCopyEx64
+StaticRawMemoryCopyEx64W
+StaticHashMemory
+StaticHashFileW
+StaticHashFile
+TranslateNativeName
+TranslateNativeNameW
+HandlerGetActiveHandleCount
+HandlerIsHandleOpen
+HandlerGetHandleName
+HandlerGetHandleNameW
+HandlerEnumerateOpenHandles
+HandlerGetHandleDetails
+HandlerCloseRemoteHandle
+HandlerCloseAllLockHandlesW
+HandlerEnumerateLockHandles
+HandlerEnumerateLockHandlesW
+HandlerIsFileLocked
+HandlerIsFileLockedW
+HandlerCloseAllLockHandles
+HandlerEnumerateOpenMutexes
+HandlerGetOpenMutexHandle
+HandlerGetOpenMutexHandleW
+HandlerGetProcessIdWhichCreatedMutex
+HandlerGetProcessIdWhichCreatedMutexW
+RemoteLoadLibrary
+RemoteLoadLibraryW
+RemoteFreeLibrary
+RemoteFreeLibraryW
+RemoteExitProcess
+FindOEPInit
+FindOEPGenerically
+FindOEPGenericallyW
+GetActiveProcessId
+GetActiveProcessIdW
+EnumProcessesWithLibrary
+EngineFakeMissingDependencies
+EngineDeleteCreatedDependencies
+EngineCreateMissingDependencies
+EngineCreateMissingDependenciesW
+EngineCreateUnpackerWindow
+EngineAddUnpackerWindowLogMessage
+ExtensionManagerIsPluginLoaded
+ExtensionManagerIsPluginEnabled
+ExtensionManagerDisablePlugin
+ExtensionManagerDisableAllPlugins
+ExtensionManagerEnablePlugin
+ExtensionManagerEnableAllPlugins
+ExtensionManagerUnloadPlugin
+ExtensionManagerUnloadAllPlugins
+ExtensionManagerGetPluginInfo
+EngineUnpackerInitialize
+EngineUnpackerInitializeW
+EngineUnpackerSetEntryPointAddress
+EngineUnpackerSetBreakCondition
+EngineUnpackerFinalizeUnpacking

TitanEngine/TitanEngine.rc

@@ -0,0 +1,156 @@
+// Microsoft Visual C++ generated resource script.
+//
+#include "resource.h"
+
+#define APSTUDIO_READONLY_SYMBOLS
+/////////////////////////////////////////////////////////////////////////////
+//
+// Generated from the TEXTINCLUDE 2 resource.
+//
+#include "afxres.h"
+
+/////////////////////////////////////////////////////////////////////////////
+#undef APSTUDIO_READONLY_SYMBOLS
+
+/////////////////////////////////////////////////////////////////////////////
+// English (U.S.) resources
+
+#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
+#ifdef _WIN32
+LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
+#pragma code_page(1252)
+#endif //_WIN32
+
+#ifdef APSTUDIO_INVOKED
+/////////////////////////////////////////////////////////////////////////////
+//
+// TEXTINCLUDE
+//
+
+1 TEXTINCLUDE 
+BEGIN
+    "resource.h\0"
+END
+
+2 TEXTINCLUDE 
+BEGIN
+    "#include ""afxres.h""\r\n"
+    "\0"
+END
+
+3 TEXTINCLUDE 
+BEGIN
+    "\r\n"
+    "\0"
+END
+
+#endif    // APSTUDIO_INVOKED
+
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// BINARY
+//
+
+LOADERX86               BINARY                  "..\\TitanEngineLoaders\\LibraryLoader\\x32\\LibraryLoader.exe"
+LOADERX64               BINARY                  "..\\TitanEngineLoaders\\LibraryLoader\\x64\\LibraryLoader.exe"
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Dialog
+//
+
+IDD_MAINWINDOW DIALOGEX 0, 0, 255, 206
+STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_NOFAILCREATE | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
+EXSTYLE WS_EX_ACCEPTFILES
+CAPTION "[ TitanEngine2 ]"
+FONT 8, "Verdana", 0, 0, 0x1
+BEGIN
+    CONTROL         130,IDC_STATIC,"Static",SS_BITMAP,0,0,321,38
+    CONTROL         "Realign PE32 file [Recommended, but it can produce invalid files]",IDC_REALING,
+                    "Button",BS_AUTOCHECKBOX | WS_TABSTOP,5,156,241,14
+    EDITTEXT        IDC_FILENAME,42,55,163,12,ES_AUTOHSCROLL | ES_READONLY | NOT WS_BORDER | NOT WS_TABSTOP,WS_EX_STATICEDGE
+    CTEXT           "- TitanEngine2 unpacker -",IDD_UNPACKERTITLE,2,39,250,10,SS_SUNKEN | NOT WS_GROUP,WS_EX_STATICEDGE
+    LTEXT           "[Filename]",112,3,55,36,10
+    GROUPBOX        "Unpack execution messages",113,2,72,250,112
+    LISTBOX         IDC_LISTBOX,5,81,243,75,LBS_NOINTEGRALHEIGHT | NOT WS_BORDER | WS_VSCROLL | WS_HSCROLL | WS_TABSTOP,WS_EX_STATICEDGE
+    PUSHBUTTON      "UnPack",IDC_UNPACK,71,188,60,14,BS_CENTER | BS_VCENTER
+    PUSHBUTTON      "Browse",IDC_BROWSE,210,53,40,14,BS_CENTER | BS_VCENTER
+    PUSHBUTTON      "About",IDC_ABOUT,131,188,60,14
+    PUSHBUTTON      "Exit",IDC_EXIT,191,188,60,14
+    CONTROL         131,IDC_STATIC,"Static",SS_BITMAP,5,191,46,9
+    CONTROL         "Copy file overlay [Recommended for all SFX files]",IDC_COPYOVERLAY,
+                    "Button",BS_AUTOCHECKBOX | WS_TABSTOP,5,168,241,14
+END
+
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Bitmap
+//
+
+IDB_BITMAP1             BITMAP                  "HEADER.BMP"
+IDB_BITMAP2             BITMAP                  "LOGO.bmp"
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Version
+//
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION 2,0,3,0
+ PRODUCTVERSION 2,0,3,0
+ FILEFLAGSMASK 0x17L
+#ifdef _DEBUG
+ FILEFLAGS 0x1L
+#else
+ FILEFLAGS 0x0L
+#endif
+ FILEOS 0x4L
+ FILETYPE 0x0L
+ FILESUBTYPE 0x0L
+BEGIN
+    BLOCK "StringFileInfo"
+    BEGIN
+        BLOCK "040904b0"
+        BEGIN
+            VALUE "CompanyName", "ReversingLabs Corporation"
+            VALUE "FileDescription", "TitanEngine2"
+            VALUE "FileVersion", "2, 0, 3, 0"
+            VALUE "InternalName", "TitanEngine"
+            VALUE "LegalCopyright", "Copyright (C) 2009"
+            VALUE "OriginalFilename", "TitanEngine.dll"
+            VALUE "ProductName", "TitanEngine"
+            VALUE "ProductVersion", "2, 0, 3, 0"
+        END
+    END
+    BLOCK "VarFileInfo"
+    BEGIN
+        VALUE "Translation", 0x409, 1200
+    END
+END
+
+
+/////////////////////////////////////////////////////////////////////////////
+//
+// Icon
+//
+
+// Icon with lowest ID value placed first to ensure application icon
+// remains consistent on all systems.
+IDI_ICON2               ICON                    "MAINICON.ico"
+#endif    // English (U.S.) resources
+/////////////////////////////////////////////////////////////////////////////
+
+
+
+#ifndef APSTUDIO_INVOKED
+/////////////////////////////////////////////////////////////////////////////
+//
+// Generated from the TEXTINCLUDE 3 resource.
+//
+
+
+/////////////////////////////////////////////////////////////////////////////
+#endif    // not APSTUDIO_INVOKED
+

TitanEngine/TitanEngine.vcproj

@@ -0,0 +1,521 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="9.00"
+	Name="TitanEngine"
+	ProjectGUID="{9C7B8246-FDDA-48C7-9634-044969701E40}"
+	RootNamespace="TitanEngine"
+	Keyword="Win32Proj"
+	TargetFrameworkVersion="196613"
+	>
+	<Platforms>
+		<Platform
+			Name="Win32"
+		/>
+		<Platform
+			Name="x64"
+		/>
+	</Platforms>
+	<ToolFiles>
+	</ToolFiles>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="2"
+			CharacterSet="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				EnableIntrinsicFunctions="false"
+				FavorSizeOrSpeed="1"
+				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS"
+				MinimalRebuild="true"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="0"
+				StructMemberAlignment="1"
+				EnableFunctionLevelLinking="true"
+				UsePrecompiledHeader="2"
+				WarningLevel="3"
+				DebugInformationFormat="4"
+				CallingConvention="0"
+				CompileAs="2"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="&quot;$(ProjectDir)distorm_x86.lib&quot; Imagehlp.lib psapi.lib"
+				OutputFile="$(OutDir)\TitanEngine.dll"
+				LinkIncremental="2"
+				IgnoreAllDefaultLibraries="false"
+				ModuleDefinitionFile="$(ProjectDir)TitanEngine.def"
+				AddModuleNamesToAssembly=""
+				GenerateDebugInformation="true"
+				GenerateMapFile="false"
+				MapExports="false"
+				SubSystem="2"
+				OptimizeReferences="0"
+				ResourceOnlyDLL="false"
+				SetChecksum="false"
+				TargetMachine="1"
+				CLRThreadAttribute="0"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Debug|x64"
+			OutputDirectory="$(SolutionDir)$(PlatformName)\$(ConfigurationName)"
+			IntermediateDirectory="$(PlatformName)\$(ConfigurationName)"
+			ConfigurationType="2"
+			CharacterSet="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+				TargetEnvironment="3"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS"
+				MinimalRebuild="true"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="3"
+				StructMemberAlignment="1"
+				UsePrecompiledHeader="2"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+				CallingConvention="2"
+				CompileAs="2"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="&quot;$(ProjectDir)distorm_x64.lib&quot; Imagehlp.lib psapi.lib"
+				OutputFile="$(OutDir)\TitanEngine.dll"
+				LinkIncremental="2"
+				IgnoreAllDefaultLibraries="false"
+				ModuleDefinitionFile="$(ProjectDir)TitanEngine.def"
+				GenerateDebugInformation="true"
+				GenerateMapFile="false"
+				MapExports="false"
+				SubSystem="2"
+				ResourceOnlyDLL="false"
+				SetChecksum="false"
+				TargetMachine="17"
+				CLRThreadAttribute="2"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="2"
+			CharacterSet="1"
+			WholeProgramOptimization="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				EnableIntrinsicFunctions="false"
+				WholeProgramOptimization="false"
+				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS"
+				RuntimeLibrary="0"
+				StructMemberAlignment="1"
+				EnableFunctionLevelLinking="false"
+				UsePrecompiledHeader="2"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+				CallingConvention="0"
+				CompileAs="2"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="&quot;$(ProjectDir)distorm_x86.lib&quot; Imagehlp.lib psapi.lib"
+				ModuleDefinitionFile="$(ProjectDir)TitanEngine.def"
+				GenerateDebugInformation="false"
+				LinkTimeCodeGeneration="0"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Release|x64"
+			OutputDirectory="$(SolutionDir)$(PlatformName)\$(ConfigurationName)"
+			IntermediateDirectory="$(PlatformName)\$(ConfigurationName)"
+			ConfigurationType="2"
+			CharacterSet="1"
+			WholeProgramOptimization="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+				TargetEnvironment="3"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="2"
+				EnableIntrinsicFunctions="true"
+				PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS"
+				RuntimeLibrary="0"
+				StructMemberAlignment="1"
+				EnableFunctionLevelLinking="true"
+				UsePrecompiledHeader="2"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="&quot;$(ProjectDir)distorm_x64.lib&quot; Imagehlp.lib psapi.lib"
+				OutputFile="$(OutDir)\TitanEngine.dll"
+				LinkIncremental="1"
+				IgnoreAllDefaultLibraries="false"
+				ModuleDefinitionFile="$(ProjectDir)TitanEngine.def"
+				GenerateDebugInformation="false"
+				SubSystem="2"
+				OptimizeReferences="2"
+				EnableCOMDATFolding="2"
+				SetChecksum="true"
+				FixedBaseAddress="1"
+				TargetMachine="17"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCManifestTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCAppVerifierTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
+			>
+			<File
+				RelativePath=".\dllmain.cpp"
+				>
+				<FileConfiguration
+					Name="Debug|Win32"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="0"
+						CompileAsManaged="0"
+					/>
+				</FileConfiguration>
+				<FileConfiguration
+					Name="Debug|x64"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="0"
+						CompileAsManaged="0"
+					/>
+				</FileConfiguration>
+				<FileConfiguration
+					Name="Release|Win32"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="0"
+						CompileAsManaged="0"
+					/>
+				</FileConfiguration>
+				<FileConfiguration
+					Name="Release|x64"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="0"
+						CompileAsManaged="0"
+					/>
+				</FileConfiguration>
+			</File>
+			<File
+				RelativePath=".\stdafx.cpp"
+				>
+				<FileConfiguration
+					Name="Debug|Win32"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="1"
+					/>
+				</FileConfiguration>
+				<FileConfiguration
+					Name="Debug|x64"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="1"
+					/>
+				</FileConfiguration>
+				<FileConfiguration
+					Name="Release|Win32"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="1"
+					/>
+				</FileConfiguration>
+				<FileConfiguration
+					Name="Release|x64"
+					>
+					<Tool
+						Name="VCCLCompilerTool"
+						UsePrecompiledHeader="1"
+					/>
+				</FileConfiguration>
+			</File>
+			<File
+				RelativePath=".\TitanEngine.cpp"
+				>
+			</File>
+			<Filter
+				Name="ThirdParty"
+				>
+				<File
+					RelativePath=".\LzmaDec.cpp"
+					>
+				</File>
+			</Filter>
+		</Filter>
+		<Filter
+			Name="Header Files"
+			Filter="h;hpp;hxx;hm;inl;inc;xsd"
+			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
+			>
+			<File
+				RelativePath=".\resource.h"
+				>
+			</File>
+			<File
+				RelativePath=".\stdafx.h"
+				>
+			</File>
+			<File
+				RelativePath=".\targetver.h"
+				>
+			</File>
+		</Filter>
+		<Filter
+			Name="Resource Files"
+			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
+			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
+			>
+			<File
+				RelativePath=".\TitanEngine.rc"
+				>
+			</File>
+			<Filter
+				Name="Binary"
+				>
+				<File
+					RelativePath="..\TitanEngineLoaders\LibraryLoader\x64\Release\LibraryLoader.exe"
+					>
+				</File>
+				<File
+					RelativePath="..\TitanEngineLoaders\LibraryLoader\Release\LibraryLoader.exe"
+					>
+				</File>
+				<File
+					RelativePath="..\TitanEngineLoaders\ReserveLibrary\Release\ReserveLibrary.dll"
+					>
+				</File>
+				<File
+					RelativePath="..\TitanEngineLoaders\ReserveLibrary\x64\Release\ReserveLibrary.dll"
+					>
+				</File>
+			</Filter>
+			<Filter
+				Name="Images"
+				>
+				<File
+					RelativePath=".\HEADER.BMP"
+					>
+				</File>
+				<File
+					RelativePath=".\LOGO.bmp"
+					>
+				</File>
+				<File
+					RelativePath=".\MAINICON.ico"
+					>
+				</File>
+			</Filter>
+		</Filter>
+		<File
+			RelativePath=".\ReadMe.txt"
+			>
+		</File>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>

TitanEngine/TitanEngine.vcxproj

@@ -0,0 +1,251 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{9C7B8246-FDDA-48C7-9634-044969701E40}</ProjectGuid>
+    <RootNamespace>TitanEngine</RootNamespace>
+    <Keyword>Win32Proj</Keyword>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <CharacterSet>Unicode</CharacterSet>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <CharacterSet>Unicode</CharacterSet>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup>
+    <_ProjectFileVersion>10.0.30319.1</_ProjectFileVersion>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(SolutionDir)$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(Configuration)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</LinkIncremental>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">$(Platform)\$(Configuration)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</LinkIncremental>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(SolutionDir)$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(Configuration)\</IntDir>
+    <OutDir Condition="'$(Configuration)|$(Platform)'=='Release|x64'">$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
+    <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|x64'">$(Platform)\$(Configuration)\</IntDir>
+    <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</LinkIncremental>
+    <CodeAnalysisRuleSet Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">AllRules.ruleset</CodeAnalysisRuleSet>
+    <CodeAnalysisRules Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" />
+    <CodeAnalysisRuleAssemblies Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" />
+    <CodeAnalysisRuleSet Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">AllRules.ruleset</CodeAnalysisRuleSet>
+    <CodeAnalysisRules Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" />
+    <CodeAnalysisRuleAssemblies Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" />
+    <CodeAnalysisRuleSet Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">AllRules.ruleset</CodeAnalysisRuleSet>
+    <CodeAnalysisRules Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" />
+    <CodeAnalysisRuleAssemblies Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" />
+    <CodeAnalysisRuleSet Condition="'$(Configuration)|$(Platform)'=='Release|x64'">AllRules.ruleset</CodeAnalysisRuleSet>
+    <CodeAnalysisRules Condition="'$(Configuration)|$(Platform)'=='Release|x64'" />
+    <CodeAnalysisRuleAssemblies Condition="'$(Configuration)|$(Platform)'=='Release|x64'" />
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <IntrinsicFunctions>false</IntrinsicFunctions>
+      <FavorSizeOrSpeed>Speed</FavorSizeOrSpeed>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <StructMemberAlignment>1Byte</StructMemberAlignment>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
+      <CallingConvention>Cdecl</CallingConvention>
+      <CompileAs>CompileAsCpp</CompileAs>
+    </ClCompile>
+    <Link>
+      <AdditionalDependencies>$(ProjectDir)distorm_x86.lib;Imagehlp.lib;psapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <OutputFile>$(OutDir)TitanEngine.dll</OutputFile>
+      <IgnoreAllDefaultLibraries>false</IgnoreAllDefaultLibraries>
+      <ModuleDefinitionFile>$(ProjectDir)TitanEngine.def</ModuleDefinitionFile>
+      <AddModuleNamesToAssembly>%(AddModuleNamesToAssembly)</AddModuleNamesToAssembly>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <GenerateMapFile>false</GenerateMapFile>
+      <MapExports>false</MapExports>
+      <SubSystem>Windows</SubSystem>
+      <OptimizeReferences>
+      </OptimizeReferences>
+      <NoEntryPoint>false</NoEntryPoint>
+      <SetChecksum>false</SetChecksum>
+      <TargetMachine>MachineX86</TargetMachine>
+      <CLRThreadAttribute>DefaultThreadingAttribute</CLRThreadAttribute>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Midl>
+      <TargetEnvironment>X64</TargetEnvironment>
+    </Midl>
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <MinimalRebuild>true</MinimalRebuild>
+      <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
+      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
+      <StructMemberAlignment>1Byte</StructMemberAlignment>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <CallingConvention>StdCall</CallingConvention>
+      <CompileAs>CompileAsCpp</CompileAs>
+    </ClCompile>
+    <Link>
+      <AdditionalDependencies>$(ProjectDir)distorm_x64.lib;Imagehlp.lib;psapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <OutputFile>$(OutDir)TitanEngine.dll</OutputFile>
+      <IgnoreAllDefaultLibraries>false</IgnoreAllDefaultLibraries>
+      <ModuleDefinitionFile>$(ProjectDir)TitanEngine.def</ModuleDefinitionFile>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <GenerateMapFile>false</GenerateMapFile>
+      <MapExports>false</MapExports>
+      <SubSystem>Windows</SubSystem>
+      <NoEntryPoint>false</NoEntryPoint>
+      <SetChecksum>false</SetChecksum>
+      <TargetMachine>MachineX64</TargetMachine>
+      <CLRThreadAttribute>STAThreadingAttribute</CLRThreadAttribute>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <Optimization>Disabled</Optimization>
+      <IntrinsicFunctions>false</IntrinsicFunctions>
+      <WholeProgramOptimization>false</WholeProgramOptimization>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <StructMemberAlignment>1Byte</StructMemberAlignment>
+      <FunctionLevelLinking>false</FunctionLevelLinking>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+      <CallingConvention>Cdecl</CallingConvention>
+      <CompileAs>CompileAsCpp</CompileAs>
+    </ClCompile>
+    <Link>
+      <AdditionalDependencies>$(ProjectDir)distorm_x86.lib;Imagehlp.lib;psapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <ModuleDefinitionFile>$(ProjectDir)TitanEngine.def</ModuleDefinitionFile>
+      <GenerateDebugInformation>false</GenerateDebugInformation>
+      <LinkTimeCodeGeneration>
+      </LinkTimeCodeGeneration>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Midl>
+      <TargetEnvironment>X64</TargetEnvironment>
+    </Midl>
+    <ClCompile>
+      <Optimization>MaxSpeed</Optimization>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_WINDOWS;_USRDLL;UNPACKERENGINE_EXPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
+      <StructMemberAlignment>Default</StructMemberAlignment>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <PrecompiledHeader>Use</PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
+    </ClCompile>
+    <Link>
+      <AdditionalDependencies>$(ProjectDir)distorm_x64.lib;Imagehlp.lib;psapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <OutputFile>$(OutDir)TitanEngine.dll</OutputFile>
+      <IgnoreAllDefaultLibraries>false</IgnoreAllDefaultLibraries>
+      <ModuleDefinitionFile>$(ProjectDir)TitanEngine.def</ModuleDefinitionFile>
+      <GenerateDebugInformation>false</GenerateDebugInformation>
+      <SubSystem>Windows</SubSystem>
+      <OptimizeReferences>true</OptimizeReferences>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <SetChecksum>true</SetChecksum>
+      <FixedBaseAddress>false</FixedBaseAddress>
+      <TargetMachine>MachineX64</TargetMachine>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClCompile Include="dllmain.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+      </PrecompiledHeader>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">false</CompileAsManaged>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+      </PrecompiledHeader>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">false</CompileAsManaged>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+      </PrecompiledHeader>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</CompileAsManaged>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+      </PrecompiledHeader>
+      <CompileAsManaged Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</CompileAsManaged>
+    </ClCompile>
+    <ClCompile Include="stdafx.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
+    </ClCompile>
+    <ClCompile Include="TitanEngine.cpp" />
+    <ClCompile Include="LzmaDec.cpp" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="resource.h" />
+    <ClInclude Include="stdafx.h" />
+    <ClInclude Include="targetver.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="TitanEngine.rc" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="..\TitanEngineLoaders\LibraryLoader\x64\Release\LibraryLoader.exe" />
+    <None Include="..\TitanEngineLoaders\LibraryLoader\Release\LibraryLoader.exe" />
+    <None Include="..\TitanEngineLoaders\ReserveLibrary\Release\ReserveLibrary.dll" />
+    <None Include="..\TitanEngineLoaders\ReserveLibrary\x64\Release\ReserveLibrary.dll" />
+    <None Include="HEADER.BMP" />
+    <None Include="LOGO.bmp" />
+    <None Include="MAINICON.ico" />
+    <None Include="ReadMe.txt" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>

TitanEngine/TitanEngine.vcxproj.filters

@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Source Files\ThirdParty">
+      <UniqueIdentifier>{bf918bb7-d305-4123-9e17-3f28f4796516}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav</Extensions>
+    </Filter>
+    <Filter Include="Resource Files\Binary">
+      <UniqueIdentifier>{0f4957c0-547f-4f5e-8133-a34644b29c2f}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Resource Files\Images">
+      <UniqueIdentifier>{b4e0243e-1a54-40fe-be40-e7cc7a16c3e1}</UniqueIdentifier>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="dllmain.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="stdafx.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="TitanEngine.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="LzmaDec.cpp">
+      <Filter>Source Files\ThirdParty</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="resource.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="stdafx.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="targetver.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ResourceCompile Include="TitanEngine.rc">
+      <Filter>Resource Files</Filter>
+    </ResourceCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="..\TitanEngineLoaders\LibraryLoader\x64\Release\LibraryLoader.exe">
+      <Filter>Resource Files\Binary</Filter>
+    </None>
+    <None Include="..\TitanEngineLoaders\LibraryLoader\Release\LibraryLoader.exe">
+      <Filter>Resource Files\Binary</Filter>
+    </None>
+    <None Include="..\TitanEngineLoaders\ReserveLibrary\Release\ReserveLibrary.dll">
+      <Filter>Resource Files\Binary</Filter>
+    </None>
+    <None Include="..\TitanEngineLoaders\ReserveLibrary\x64\Release\ReserveLibrary.dll">
+      <Filter>Resource Files\Binary</Filter>
+    </None>
+    <None Include="HEADER.BMP">
+      <Filter>Resource Files\Images</Filter>
+    </None>
+    <None Include="LOGO.bmp">
+      <Filter>Resource Files\Images</Filter>
+    </None>
+    <None Include="MAINICON.ico">
+      <Filter>Resource Files\Images</Filter>
+    </None>
+    <None Include="ReadMe.txt" />
+  </ItemGroup>
+</Project>

TitanEngine/TitanEngine.vcxproj.user

@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+</Project>

TitanEngine/aplib.h

@@ -0,0 +1,66 @@
+/*
+ * aPLib compression library  -  the smaller the better :)
+ *
+ * MS COFF format header file
+ *
+ * Copyright (c) 1998-2005 by Joergen Ibsen / Jibz
+ * All Rights Reserved
+ *
+ * http://www.ibsensoftware.com/
+ */
+
+#ifndef APLIB_H_INCLUDED
+#define APLIB_H_INCLUDED
+#pragma comment(lib, "aplib.lib")
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef APLIB_ERROR
+# define APLIB_ERROR (-1)
+#endif
+
+unsigned int __cdecl aP_pack(const void *source,
+                             void *destination,
+                             unsigned int length,
+                             void *workmem,
+                             int (__cdecl *callback)(unsigned int, unsigned int, unsigned int, void *),
+                             void *cbparam);
+
+unsigned int __cdecl aP_workmem_size(unsigned int inputsize);
+
+unsigned int __cdecl aP_max_packed_size(unsigned int inputsize);
+
+unsigned int __cdecl aP_depack_asm(const void *source, void *destination);
+
+unsigned int __cdecl aP_depack_asm_fast(const void *source, void *destination);
+
+unsigned int __cdecl aP_depack_asm_safe(const void *source,
+                                        unsigned int srclen,
+                                        void *destination,
+                                        unsigned int dstlen);
+
+unsigned int __cdecl aP_crc32(const void *source, unsigned int length);
+
+unsigned int __cdecl aPsafe_pack(const void *source,
+                                 void *destination,
+                                 unsigned int length,
+                                 void *workmem,
+                                 int (__cdecl *callback)(unsigned int, unsigned int, unsigned int, void *),
+                                 void *cbparam);
+
+unsigned int __cdecl aPsafe_check(const void *source);
+
+unsigned int __cdecl aPsafe_get_orig_size(const void *source);
+
+unsigned int __cdecl aPsafe_depack(const void *source,
+                                   unsigned int srclen,
+                                   void *destination,
+                                   unsigned int dstlen);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* APLIB_H_INCLUDED */

TitanEngine/definitions.h

@@ -0,0 +1,448 @@
+// Global.Function.Declaration:
+void BreakPointManager();
+void __stdcall GenericOEPTraceHited();
+
+// Global.Garbage.functions:
+bool CreateGarbageItem(void* outGargabeItem, int MaxGargabeStringSize);
+bool RemoveGarbageItem(wchar_t* szGarbageItem, bool RemoveFolder);
+bool FillGarbageItem(wchar_t* szGarbageItem, wchar_t* szFileName, void* outGargabeItem, int MaxGargabeStringSize);
+void EmptyGarbage();
+
+#if !defined (_WIN64)
+	#ifdef __cplusplus
+extern "C" {
+	#endif /*__cplusplus*/
+#endif
+
+// TitanEngine.Dumper.functions:
+__declspec(dllexport) bool __stdcall DumpProcess(HANDLE hProcess, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool __stdcall DumpProcessW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool __stdcall DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool __stdcall DumpProcessExW(DWORD ProcessId, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool __stdcall DumpMemory(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
+__declspec(dllexport) bool __stdcall DumpMemoryW(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
+__declspec(dllexport) bool __stdcall DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
+__declspec(dllexport) bool __stdcall DumpMemoryExW(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
+__declspec(dllexport) bool __stdcall DumpRegions(HANDLE hProcess, char* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool __stdcall DumpRegionsW(HANDLE hProcess, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool __stdcall DumpRegionsEx(DWORD ProcessId, char* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool __stdcall DumpRegionsExW(DWORD ProcessId, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool __stdcall DumpModule(HANDLE hProcess, LPVOID ModuleBase, char* szDumpFileName);
+__declspec(dllexport) bool __stdcall DumpModuleW(HANDLE hProcess, LPVOID ModuleBase, wchar_t* szDumpFileName);
+__declspec(dllexport) bool __stdcall DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, char* szDumpFileName);
+__declspec(dllexport) bool __stdcall DumpModuleExW(DWORD ProcessId, LPVOID ModuleBase, wchar_t* szDumpFileName);
+__declspec(dllexport) bool __stdcall PastePEHeader(HANDLE hProcess, LPVOID ImageBase, char* szDebuggedFileName);
+__declspec(dllexport) bool __stdcall PastePEHeaderW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDebuggedFileName);
+__declspec(dllexport) bool __stdcall ExtractSection(char* szFileName, char* szDumpFileName, DWORD SectionNumber);
+__declspec(dllexport) bool __stdcall ExtractSectionW(wchar_t* szFileName, wchar_t* szDumpFileName, DWORD SectionNumber);
+__declspec(dllexport) bool __stdcall ResortFileSections(char* szFileName);
+__declspec(dllexport) bool __stdcall ResortFileSectionsW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall FindOverlay(char* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
+__declspec(dllexport) bool __stdcall FindOverlayW(wchar_t* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
+__declspec(dllexport) bool __stdcall ExtractOverlay(char* szFileName, char* szExtactedFileName);
+__declspec(dllexport) bool __stdcall ExtractOverlayW(wchar_t* szFileName, wchar_t* szExtactedFileName);
+__declspec(dllexport) bool __stdcall AddOverlay(char* szFileName, char* szOverlayFileName);
+__declspec(dllexport) bool __stdcall AddOverlayW(wchar_t* szFileName, wchar_t* szOverlayFileName);
+__declspec(dllexport) bool __stdcall CopyOverlay(char* szInFileName, char* szOutFileName);
+__declspec(dllexport) bool __stdcall CopyOverlayW(wchar_t* szInFileName, wchar_t* szOutFileName);
+__declspec(dllexport) bool __stdcall RemoveOverlay(char* szFileName);
+__declspec(dllexport) bool __stdcall RemoveOverlayW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall MakeAllSectionsRWE(char* szFileName);
+__declspec(dllexport) bool __stdcall MakeAllSectionsRWEW(wchar_t* szFileName);
+__declspec(dllexport) long __stdcall AddNewSectionEx(char* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
+__declspec(dllexport) long __stdcall AddNewSectionExW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
+__declspec(dllexport) long __stdcall AddNewSection(char* szFileName, char* szSectionName, DWORD SectionSize);
+__declspec(dllexport) long __stdcall AddNewSectionW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize);
+__declspec(dllexport) bool __stdcall ResizeLastSection(char* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
+__declspec(dllexport) bool __stdcall ResizeLastSectionW(wchar_t* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
+__declspec(dllexport) void __stdcall SetSharedOverlay(char* szFileName);
+__declspec(dllexport) void __stdcall SetSharedOverlayW(wchar_t* szFileName);
+__declspec(dllexport) char* __stdcall GetSharedOverlay();
+__declspec(dllexport) wchar_t* __stdcall GetSharedOverlayW();
+__declspec(dllexport) bool __stdcall DeleteLastSection(char* szFileName);
+__declspec(dllexport) bool __stdcall DeleteLastSectionW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall DeleteLastSectionEx(char* szFileName, DWORD NumberOfSections);
+__declspec(dllexport) bool __stdcall DeleteLastSectionExW(wchar_t* szFileName, DWORD NumberOfSections);
+__declspec(dllexport) long long __stdcall GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData);
+__declspec(dllexport) long long __stdcall GetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData);
+__declspec(dllexport) long long __stdcall GetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData);
+__declspec(dllexport) bool __stdcall GetPE32DataFromMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
+__declspec(dllexport) bool __stdcall GetPE32DataEx(char* szFileName, LPVOID DataStorage);
+__declspec(dllexport) bool __stdcall GetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
+__declspec(dllexport) bool __stdcall SetPE32DataForMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
+__declspec(dllexport) bool __stdcall SetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
+__declspec(dllexport) bool __stdcall SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
+__declspec(dllexport) bool __stdcall SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
+__declspec(dllexport) bool __stdcall SetPE32DataEx(char* szFileName, LPVOID DataStorage);
+__declspec(dllexport) long __stdcall GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert);
+__declspec(dllexport) long long __stdcall ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
+__declspec(dllexport) long long __stdcall ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType);
+__declspec(dllexport) long long __stdcall ConvertFileOffsetToVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
+__declspec(dllexport) long long __stdcall ConvertFileOffsetToVAEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool ReturnType);
+// TitanEngine.Realigner.functions:
+__declspec(dllexport) bool __stdcall FixHeaderCheckSum(char* szFileName);
+__declspec(dllexport) bool __stdcall FixHeaderCheckSumW(wchar_t* szFileName);
+__declspec(dllexport) long __stdcall RealignPE(ULONG_PTR FileMapVA, DWORD FileSize, DWORD RealingMode);
+__declspec(dllexport) long __stdcall RealignPEEx(char* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
+__declspec(dllexport) long __stdcall RealignPEExW(wchar_t* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
+__declspec(dllexport) bool __stdcall WipeSection(char* szFileName, int WipeSectionNumber, bool RemovePhysically);
+__declspec(dllexport) bool __stdcall WipeSectionW(wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically);
+__declspec(dllexport) bool __stdcall IsPE32FileValidEx(char* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
+__declspec(dllexport) bool __stdcall IsPE32FileValidExW(wchar_t* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
+__declspec(dllexport) bool __stdcall FixBrokenPE32FileEx(char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
+__declspec(dllexport) bool __stdcall FixBrokenPE32FileExW(wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
+__declspec(dllexport) bool __stdcall IsFileDLL(char* szFileName, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool __stdcall IsFileDLLW(wchar_t* szFileName, ULONG_PTR FileMapVA);
+// TitanEngine.Hider.functions:
+__declspec(dllexport) void* __stdcall GetPEBLocation(HANDLE hProcess);
+__declspec(dllexport) bool __stdcall HideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
+__declspec(dllexport) bool __stdcall UnHideDebugger(HANDLE hProcess, DWORD PatchAPILevel);
+// TitanEngine.Relocater.functions:
+__declspec(dllexport) void __stdcall RelocaterCleanup();
+__declspec(dllexport) void __stdcall RelocaterInit(DWORD MemorySize, ULONG_PTR OldImageBase, ULONG_PTR NewImageBase);
+__declspec(dllexport) void __stdcall RelocaterAddNewRelocation(HANDLE hProcess, ULONG_PTR RelocateAddress, DWORD RelocateState);
+__declspec(dllexport) long __stdcall RelocaterEstimatedSize();
+__declspec(dllexport) bool __stdcall RelocaterExportRelocation(ULONG_PTR StorePlace, DWORD StorePlaceRVA, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool __stdcall RelocaterExportRelocationEx(char* szFileName, char* szSectionName);
+__declspec(dllexport) bool __stdcall RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName);
+__declspec(dllexport) bool __stdcall RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize);
+__declspec(dllexport) bool __stdcall RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage);
+__declspec(dllexport) bool __stdcall RelocaterMakeSnapshot(HANDLE hProcess, char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
+__declspec(dllexport) bool __stdcall RelocaterMakeSnapshotW(HANDLE hProcess, wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
+__declspec(dllexport) bool __stdcall RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, char* szDumpFile1, char* szDumpFile2, ULONG_PTR MemStart);
+__declspec(dllexport) bool __stdcall RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart);
+__declspec(dllexport) bool __stdcall RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase);
+__declspec(dllexport) bool __stdcall RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase);
+__declspec(dllexport) bool __stdcall RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase);
+__declspec(dllexport) bool __stdcall RelocaterWipeRelocationTable(char* szFileName);
+__declspec(dllexport) bool __stdcall RelocaterWipeRelocationTableW(wchar_t* szFileName);
+// TitanEngine.Resourcer.functions:
+__declspec(dllexport) long long __stdcall ResourcerLoadFileForResourceUse(char* szFileName);
+__declspec(dllexport) long long __stdcall ResourcerLoadFileForResourceUseW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall ResourcerFreeLoadedFile(LPVOID LoadedFileBase);
+__declspec(dllexport) bool __stdcall ResourcerExtractResourceFromFileEx(ULONG_PTR FileMapVA, char* szResourceType, char* szResourceName, char* szExtractedFileName);
+__declspec(dllexport) bool __stdcall ResourcerExtractResourceFromFile(char* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
+__declspec(dllexport) bool __stdcall ResourcerExtractResourceFromFileW(wchar_t* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
+__declspec(dllexport) bool __stdcall ResourcerFindResource(char* szFileName, char* szResourceType, DWORD ResourceType, char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
+__declspec(dllexport) bool __stdcall ResourcerFindResourceW(wchar_t* szFileName, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
+__declspec(dllexport) bool __stdcall ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
+__declspec(dllexport) void __stdcall ResourcerEnumerateResource(char* szFileName, void* CallBack);
+__declspec(dllexport) void __stdcall ResourcerEnumerateResourceW(wchar_t* szFileName, void* CallBack);
+__declspec(dllexport) void __stdcall ResourcerEnumerateResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, void* CallBack);
+// TitanEngine.Threader.functions:
+__declspec(dllexport) bool __stdcall ThreaderImportRunningThreadData(DWORD ProcessId);
+__declspec(dllexport) void* __stdcall ThreaderGetThreadInfo(HANDLE hThread, DWORD ThreadId);
+__declspec(dllexport) void __stdcall ThreaderEnumThreadInfo(void* EnumCallBack);
+__declspec(dllexport) bool __stdcall ThreaderPauseThread(HANDLE hThread);
+__declspec(dllexport) bool __stdcall ThreaderResumeThread(HANDLE hThread);
+__declspec(dllexport) bool __stdcall ThreaderTerminateThread(HANDLE hThread, DWORD ThreadExitCode);
+__declspec(dllexport) bool __stdcall ThreaderPauseAllThreads(bool LeaveMainRunning);
+__declspec(dllexport) bool __stdcall ThreaderResumeAllThreads(bool LeaveMainPaused);
+__declspec(dllexport) bool __stdcall ThreaderPauseProcess();
+__declspec(dllexport) bool __stdcall ThreaderResumeProcess();
+__declspec(dllexport) long long __stdcall ThreaderCreateRemoteThread(ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
+__declspec(dllexport) bool __stdcall ThreaderInjectAndExecuteCode(LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
+__declspec(dllexport) long long __stdcall ThreaderCreateRemoteThreadEx(HANDLE hProcess, ULONG_PTR ThreadStartAddress, bool AutoCloseTheHandle, LPVOID ThreadPassParameter, LPDWORD ThreadId);
+__declspec(dllexport) bool __stdcall ThreaderInjectAndExecuteCodeEx(HANDLE hProcess, LPVOID InjectCode, DWORD StartDelta, DWORD InjectSize);
+__declspec(dllexport) void __stdcall ThreaderSetCallBackForNextExitThreadEvent(LPVOID exitThreadCallBack);
+__declspec(dllexport) bool __stdcall ThreaderIsThreadStillRunning(HANDLE hThread);
+__declspec(dllexport) bool __stdcall ThreaderIsThreadActive(HANDLE hThread);
+__declspec(dllexport) bool __stdcall ThreaderIsAnyThreadActive();
+__declspec(dllexport) bool __stdcall ThreaderExecuteOnlyInjectedThreads();
+__declspec(dllexport) long long __stdcall ThreaderGetOpenHandleForThread(DWORD ThreadId);
+__declspec(dllexport) void* __stdcall ThreaderGetThreadData();
+__declspec(dllexport) bool __stdcall ThreaderIsExceptionInMainThread();
+// TitanEngine.Debugger.functions:
+__declspec(dllexport) void* __stdcall StaticDisassembleEx(ULONG_PTR DisassmStart, LPVOID DisassmAddress);
+__declspec(dllexport) void* __stdcall StaticDisassemble(LPVOID DisassmAddress);
+__declspec(dllexport) void* __stdcall DisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
+__declspec(dllexport) void* __stdcall Disassemble(LPVOID DisassmAddress);
+__declspec(dllexport) long __stdcall StaticLengthDisassemble(LPVOID DisassmAddress);
+__declspec(dllexport) long __stdcall LengthDisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
+__declspec(dllexport) long __stdcall LengthDisassemble(LPVOID DisassmAddress);
+__declspec(dllexport) void* __stdcall InitDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
+__declspec(dllexport) void* __stdcall InitDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
+__declspec(dllexport) void* __stdcall InitDebugEx(char* szFileName, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) void* __stdcall InitDebugExW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) void* __stdcall InitDLLDebug(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) void* __stdcall InitDLLDebugW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) bool __stdcall StopDebug();
+__declspec(dllexport) void __stdcall SetBPXOptions(long DefaultBreakPointType);
+__declspec(dllexport) bool __stdcall IsBPXEnabled(ULONG_PTR bpxAddress);
+__declspec(dllexport) bool __stdcall EnableBPX(ULONG_PTR bpxAddress);
+__declspec(dllexport) bool __stdcall DisableBPX(ULONG_PTR bpxAddress);
+__declspec(dllexport) bool __stdcall SetBPX(ULONG_PTR bpxAddress, DWORD bpxType, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall SetBPXEx(ULONG_PTR bpxAddress, DWORD bpxType, DWORD NumberOfExecution, DWORD CmpRegister, DWORD CmpCondition, ULONG_PTR CmpValue, LPVOID bpxCallBack, LPVOID bpxCompareCallBack, LPVOID bpxRemoveCallBack);
+__declspec(dllexport) bool __stdcall DeleteBPX(ULONG_PTR bpxAddress);
+__declspec(dllexport) bool __stdcall SafeDeleteBPX(ULONG_PTR bpxAddress);
+__declspec(dllexport) bool __stdcall SetAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxType, DWORD bpxPlace, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall DeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace);
+__declspec(dllexport) bool __stdcall SafeDeleteAPIBreakPoint(char* szDLLName, char* szAPIName, DWORD bpxPlace);
+__declspec(dllexport) bool __stdcall SetMemoryBPX(ULONG_PTR MemoryStart, DWORD SizeOfMemory, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall SetMemoryBPXEx(ULONG_PTR MemoryStart, DWORD SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall RemoveMemoryBPX(ULONG_PTR MemoryStart, DWORD SizeOfMemory);
+__declspec(dllexport) bool __stdcall GetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
+__declspec(dllexport) long long __stdcall GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister);
+__declspec(dllexport) long long __stdcall GetContextData(DWORD IndexOfRegister);
+__declspec(dllexport) bool __stdcall SetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
+__declspec(dllexport) bool __stdcall SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
+__declspec(dllexport) bool __stdcall SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
+__declspec(dllexport) void __stdcall ClearExceptionNumber();
+__declspec(dllexport) long __stdcall CurrentExceptionNumber();
+__declspec(dllexport) bool __stdcall MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
+__declspec(dllexport) bool __stdcall MatchPattern(void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
+__declspec(dllexport) long long __stdcall FindEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
+__declspec(dllexport) long long __stdcall Find(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard);
+__declspec(dllexport) bool __stdcall FillEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
+__declspec(dllexport) bool __stdcall Fill(LPVOID MemoryStart, DWORD MemorySize, PBYTE FillByte);
+__declspec(dllexport) bool __stdcall PatchEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
+__declspec(dllexport) bool __stdcall Patch(LPVOID MemoryStart, DWORD MemorySize, LPVOID ReplacePattern, DWORD ReplaceSize, bool AppendNOP, bool PrependNOP);
+__declspec(dllexport) bool __stdcall ReplaceEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
+__declspec(dllexport) bool __stdcall Replace(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, DWORD NumberOfRepetitions, LPVOID ReplacePattern, DWORD ReplaceSize, PBYTE WildCard);
+__declspec(dllexport) void* __stdcall GetDebugData();
+__declspec(dllexport) void* __stdcall GetTerminationData();
+__declspec(dllexport) long __stdcall GetExitCode();
+__declspec(dllexport) long long __stdcall GetDebuggedDLLBaseAddress();
+__declspec(dllexport) unsigned long long __stdcall GetDebuggedFileBaseAddress();
+__declspec(dllexport) bool __stdcall GetRemoteString(HANDLE hProcess, LPVOID StringAddress, LPVOID StringStorage, int MaximumStringSize);
+__declspec(dllexport) long long __stdcall GetFunctionParameter(HANDLE hProcess, DWORD FunctionType, DWORD ParameterNumber, DWORD ParameterType);
+__declspec(dllexport) long long __stdcall GetJumpDestinationEx(HANDLE hProcess, ULONG_PTR InstructionAddress, bool JustJumps);
+__declspec(dllexport) long long __stdcall GetJumpDestination(HANDLE hProcess, ULONG_PTR InstructionAddress);
+__declspec(dllexport) bool __stdcall IsJumpGoingToExecuteEx(HANDLE hProcess, HANDLE hThread, ULONG_PTR InstructionAddress, ULONG_PTR RegFlags);
+__declspec(dllexport) bool __stdcall IsJumpGoingToExecute();
+__declspec(dllexport) void __stdcall SetCustomHandler(DWORD ExceptionId, LPVOID CallBack);
+__declspec(dllexport) void __stdcall ForceClose();
+__declspec(dllexport) void __stdcall StepInto(LPVOID traceCallBack);
+__declspec(dllexport) void __stdcall StepOver(LPVOID traceCallBack);
+__declspec(dllexport) void __stdcall SingleStep(DWORD StepCount, LPVOID StepCallBack);
+__declspec(dllexport) bool __stdcall GetUnusedHardwareBreakPointRegister(LPDWORD RegisterIndex);
+__declspec(dllexport) bool __stdcall SetHardwareBreakPointEx(HANDLE hActiveThread, ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack, LPDWORD IndexOfSelectedRegister);
+__declspec(dllexport) bool __stdcall SetHardwareBreakPoint(ULONG_PTR bpxAddress, DWORD IndexOfRegister, DWORD bpxType, DWORD bpxSize, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall DeleteHardwareBreakPoint(DWORD IndexOfRegister);
+__declspec(dllexport) bool __stdcall RemoveAllBreakPoints(DWORD RemoveOption);
+__declspec(dllexport) void* __stdcall GetProcessInformation();
+__declspec(dllexport) void* __stdcall GetStartupInformation();
+__declspec(dllexport) void __stdcall DebugLoop();
+__declspec(dllexport) void __stdcall SetDebugLoopTimeOut(DWORD TimeOut);
+__declspec(dllexport) void __stdcall SetNextDbgContinueStatus(DWORD SetDbgCode);
+__declspec(dllexport) bool __stdcall AttachDebugger(DWORD ProcessId, bool KillOnExit, LPVOID DebugInfo, LPVOID CallBack);
+__declspec(dllexport) bool __stdcall DetachDebugger(DWORD ProcessId);
+__declspec(dllexport) bool __stdcall DetachDebuggerEx(DWORD ProcessId);
+__declspec(dllexport) void __stdcall DebugLoopEx(DWORD TimeOut);
+__declspec(dllexport) void __stdcall AutoDebugEx(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
+__declspec(dllexport) void __stdcall AutoDebugExW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
+__declspec(dllexport) bool __stdcall IsFileBeingDebugged();
+__declspec(dllexport) void __stdcall SetErrorModel(bool DisplayErrorMessages);
+// TitanEngine.FindOEP.functions:
+__declspec(dllexport) void __stdcall FindOEPInit();
+__declspec(dllexport) bool __stdcall FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
+__declspec(dllexport) bool __stdcall FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
+// TitanEngine.Importer.functions:
+__declspec(dllexport) void __stdcall ImporterCleanup();
+__declspec(dllexport) void __stdcall ImporterSetImageBase(ULONG_PTR ImageBase);
+__declspec(dllexport) void __stdcall ImporterSetUnknownDelta(ULONG_PTR DeltaAddress);
+__declspec(dllexport) long long __stdcall ImporterGetCurrentDelta();
+__declspec(dllexport) void __stdcall ImporterInit(DWORD MemorySize, ULONG_PTR ImageBase);
+__declspec(dllexport) void __stdcall ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
+__declspec(dllexport) void __stdcall ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
+__declspec(dllexport) void __stdcall ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
+__declspec(dllexport) long __stdcall ImporterGetAddedDllCount();
+__declspec(dllexport) long __stdcall ImporterGetAddedAPICount();
+__declspec(dllexport) void* __stdcall ImporterGetLastAddedDLLName();
+__declspec(dllexport) void __stdcall ImporterMoveIAT();
+__declspec(dllexport) bool __stdcall ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
+__declspec(dllexport) long __stdcall ImporterEstimatedSize();
+__declspec(dllexport) bool __stdcall ImporterExportIATEx(char* szExportFileName, char* szSectionName);
+__declspec(dllexport) bool __stdcall ImporterExportIATExW(wchar_t* szExportFileName, char* szSectionName);
+__declspec(dllexport) long long __stdcall ImporterFindAPIWriteLocation(char* szAPIName);
+__declspec(dllexport) long long __stdcall ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber);
+__declspec(dllexport) long long __stdcall ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation);
+__declspec(dllexport) long long __stdcall ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation);
+__declspec(dllexport) void* __stdcall ImporterGetDLLName(ULONG_PTR APIAddress);
+__declspec(dllexport) void* __stdcall ImporterGetAPIName(ULONG_PTR APIAddress);
+__declspec(dllexport) long long __stdcall ImporterGetAPIOrdinalNumber(ULONG_PTR APIAddress);
+__declspec(dllexport) void* __stdcall ImporterGetAPINameEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
+__declspec(dllexport) long long __stdcall ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) long long __stdcall ImporterGetRemoteAPIAddressEx(char* szDLLName, char* szAPIName);
+__declspec(dllexport) long long __stdcall ImporterGetLocalAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) void* __stdcall ImporterGetDLLNameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) void* __stdcall ImporterGetAPINameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) long long __stdcall ImporterGetAPIOrdinalNumberFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) long __stdcall ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
+__declspec(dllexport) long __stdcall ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
+__declspec(dllexport) long long __stdcall ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
+__declspec(dllexport) bool __stdcall ImporterRelocateWriteLocation(ULONG_PTR AddValue);
+__declspec(dllexport) bool __stdcall ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) void* __stdcall ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) void* __stdcall ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) long __stdcall ImporterGetForwardedDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
+__declspec(dllexport) long long __stdcall ImporterGetForwardedAPIOrdinalNumber(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) long long __stdcall ImporterGetNearestAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) void* __stdcall ImporterGetNearestAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
+__declspec(dllexport) bool __stdcall ImporterCopyOriginalIAT(char* szOriginalFile, char* szDumpFile);
+__declspec(dllexport) bool __stdcall ImporterCopyOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile);
+__declspec(dllexport) bool __stdcall ImporterLoadImportTable(char* szFileName);
+__declspec(dllexport) bool __stdcall ImporterLoadImportTableW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName);
+__declspec(dllexport) bool __stdcall ImporterMoveOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile, char* szSectionName);
+__declspec(dllexport) void __stdcall ImporterAutoSearchIAT(HANDLE hProcess, char* szFileName, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
+__declspec(dllexport) void __stdcall ImporterAutoSearchIATW(HANDLE hProcess, wchar_t* szFileName, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
+__declspec(dllexport) void __stdcall ImporterAutoSearchIATEx(HANDLE hProcess, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, LPVOID pIATStart, LPVOID pIATSize);
+__declspec(dllexport) void __stdcall ImporterEnumAddedData(LPVOID EnumCallBack);
+__declspec(dllexport) long __stdcall ImporterAutoFixIATEx(HANDLE hProcess, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
+__declspec(dllexport) long __stdcall ImporterAutoFixIATExW(HANDLE hProcess, wchar_t* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
+__declspec(dllexport) long __stdcall ImporterAutoFixIAT(HANDLE hProcess, char* szDumpedFile, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep);
+__declspec(dllexport) long __stdcall ImporterAutoFixIATW(HANDLE hProcess, wchar_t* szDumpedFile, ULONG_PTR ImageBase, ULONG_PTR SearchStart, DWORD SearchSize, DWORD SearchStep);
+// Global.Engine.Hook.functions:
+__declspec(dllexport) bool __stdcall HooksSafeTransitionEx(LPVOID HookAddressArray, int NumberOfHooks, bool TransitionStart);
+__declspec(dllexport) bool __stdcall HooksSafeTransition(LPVOID HookAddress, bool TransitionStart);
+__declspec(dllexport) bool __stdcall HooksIsAddressRedirected(LPVOID HookAddress);
+__declspec(dllexport) void* __stdcall HooksGetTrampolineAddress(LPVOID HookAddress);
+__declspec(dllexport) void* __stdcall HooksGetHookEntryDetails(LPVOID HookAddress);
+__declspec(dllexport) bool __stdcall HooksInsertNewRedirection(LPVOID HookAddress, LPVOID RedirectTo, int HookType);
+__declspec(dllexport) bool __stdcall HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo);
+__declspec(dllexport) bool __stdcall HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo);
+__declspec(dllexport) bool __stdcall HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll);
+__declspec(dllexport) bool __stdcall HooksRemoveRedirectionsForModule(HMODULE ModuleBase);
+__declspec(dllexport) bool __stdcall HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll);
+__declspec(dllexport) bool __stdcall HooksDisableRedirection(LPVOID HookAddress, bool DisableAll);
+__declspec(dllexport) bool __stdcall HooksDisableRedirectionsForModule(HMODULE ModuleBase);
+__declspec(dllexport) bool __stdcall HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll);
+__declspec(dllexport) bool __stdcall HooksEnableRedirection(LPVOID HookAddress, bool EnableAll);
+__declspec(dllexport) bool __stdcall HooksEnableRedirectionsForModule(HMODULE ModuleBase);
+__declspec(dllexport) bool __stdcall HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll);
+__declspec(dllexport) void __stdcall HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack);
+__declspec(dllexport) void __stdcall HooksScanEntireProcessMemory(LPVOID CallBack);
+__declspec(dllexport) void __stdcall HooksScanEntireProcessMemoryEx();
+// TitanEngine.Tracer.functions:
+__declspec(dllexport) void __stdcall TracerInit();
+__declspec(dllexport) long long __stdcall TracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace);
+__declspec(dllexport) long long __stdcall HashTracerLevel1(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD InputNumberOfInstructions);
+__declspec(dllexport) long __stdcall TracerDetectRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace);
+__declspec(dllexport) long long __stdcall TracerFixKnownRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD RedirectionId);
+__declspec(dllexport) long long __stdcall TracerFixRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD IdParameter);
+__declspec(dllexport) long __stdcall TracerFixRedirectionViaImpRecPlugin(HANDLE hProcess, char* szPluginName, ULONG_PTR AddressToTrace);
+// TitanEngine.Exporter.functions:
+__declspec(dllexport) void __stdcall ExporterCleanup();
+__declspec(dllexport) void __stdcall ExporterSetImageBase(ULONG_PTR ImageBase);
+__declspec(dllexport) void __stdcall ExporterInit(DWORD MemorySize, ULONG_PTR ImageBase, DWORD ExportOrdinalBase, char* szExportModuleName);
+__declspec(dllexport) bool __stdcall ExporterAddNewExport(char* szExportName, DWORD ExportRelativeAddress);
+__declspec(dllexport) bool __stdcall ExporterAddNewOrdinalExport(DWORD OrdinalNumber, DWORD ExportRelativeAddress);
+__declspec(dllexport) long __stdcall ExporterGetAddedExportCount();
+__declspec(dllexport) long __stdcall ExporterEstimatedSize();
+__declspec(dllexport) bool __stdcall ExporterBuildExportTable(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool __stdcall ExporterBuildExportTableEx(char* szExportFileName, char* szSectionName);
+__declspec(dllexport) bool __stdcall ExporterBuildExportTableExW(wchar_t* szExportFileName, char* szSectionName);
+__declspec(dllexport) bool __stdcall ExporterLoadExportTable(char* szFileName);
+__declspec(dllexport) bool __stdcall ExporterLoadExportTableW(wchar_t* szFileName);
+// TitanEngine.Librarian.functions:
+__declspec(dllexport) bool __stdcall LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType);
+__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfo(char* szLibraryName);
+__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfoW(wchar_t* szLibraryName);
+__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfoEx(void* BaseOfDll);
+__declspec(dllexport) void* __stdcall LibrarianGetLibraryInfoExW(void* BaseOfDll);
+__declspec(dllexport) void __stdcall LibrarianEnumLibraryInfo(void* EnumCallBack);
+__declspec(dllexport) void __stdcall LibrarianEnumLibraryInfoW(void* EnumCallBack);
+// TitanEngine.Process.functions:
+__declspec(dllexport) long __stdcall GetActiveProcessId(char* szImageName);
+__declspec(dllexport) long __stdcall GetActiveProcessIdW(wchar_t* szImageName);
+__declspec(dllexport) void __stdcall EnumProcessesWithLibrary(char* szLibraryName, void* EnumFunction);
+// TitanEngine.TLSFixer.functions:
+__declspec(dllexport) bool __stdcall TLSBreakOnCallBack(LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall TLSGrabCallBackData(char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
+__declspec(dllexport) bool __stdcall TLSGrabCallBackDataW(wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
+__declspec(dllexport) bool __stdcall TLSBreakOnCallBackEx(char* szFileName, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall TLSBreakOnCallBackExW(wchar_t* szFileName, LPVOID bpxCallBack);
+__declspec(dllexport) bool __stdcall TLSRemoveCallback(char* szFileName);
+__declspec(dllexport) bool __stdcall TLSRemoveCallbackW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall TLSRemoveTable(char* szFileName);
+__declspec(dllexport) bool __stdcall TLSRemoveTableW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall TLSBackupData(char* szFileName);
+__declspec(dllexport) bool __stdcall TLSBackupDataW(wchar_t* szFileName);
+__declspec(dllexport) bool __stdcall TLSRestoreData();
+__declspec(dllexport) bool __stdcall TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_PTR StorePlace, ULONG_PTR StorePlaceRVA, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
+__declspec(dllexport) bool __stdcall TLSBuildNewTableEx(char* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
+__declspec(dllexport) bool __stdcall TLSBuildNewTableExW(wchar_t* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
+// TitanEngine.TranslateName.functions:
+__declspec(dllexport) void* __stdcall TranslateNativeName(char* szNativeName);
+__declspec(dllexport) void* __stdcall TranslateNativeNameW(wchar_t* szNativeName);
+// TitanEngine.Handler.functions:
+__declspec(dllexport) long __stdcall HandlerGetActiveHandleCount(DWORD ProcessId);
+__declspec(dllexport) bool __stdcall HandlerIsHandleOpen(DWORD ProcessId, HANDLE hHandle);
+__declspec(dllexport) void* __stdcall HandlerGetHandleName(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
+__declspec(dllexport) void* __stdcall HandlerGetHandleNameW(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, bool TranslateName);
+__declspec(dllexport) long __stdcall HandlerEnumerateOpenHandles(DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
+__declspec(dllexport) long long __stdcall HandlerGetHandleDetails(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, DWORD InformationReturn);
+__declspec(dllexport) bool __stdcall HandlerCloseRemoteHandle(HANDLE hProcess, HANDLE hHandle);
+__declspec(dllexport) long __stdcall HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
+__declspec(dllexport) long __stdcall HandlerEnumerateLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
+__declspec(dllexport) bool __stdcall HandlerCloseAllLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+__declspec(dllexport) bool __stdcall HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+__declspec(dllexport) bool __stdcall HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+__declspec(dllexport) bool __stdcall HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+// TitanEngine.Handler[Mutex].functions:
+__declspec(dllexport) long __stdcall HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
+__declspec(dllexport) long long __stdcall HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, char* szMutexString);
+__declspec(dllexport) long long __stdcall HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, wchar_t* szMutexString);
+__declspec(dllexport) long __stdcall HandlerGetProcessIdWhichCreatedMutex(char* szMutexString);
+__declspec(dllexport) long __stdcall HandlerGetProcessIdWhichCreatedMutexW(wchar_t* szMutexString);
+// TitanEngine.Injector.functions:
+__declspec(dllexport) bool __stdcall RemoteLoadLibrary(HANDLE hProcess, char* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool __stdcall RemoteLoadLibraryW(HANDLE hProcess, wchar_t* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool __stdcall RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, char* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool __stdcall RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, wchar_t* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool __stdcall RemoteExitProcess(HANDLE hProcess, DWORD ExitCode);
+// TitanEngine.StaticUnpacker.functions:
+__declspec(dllexport) bool __stdcall StaticFileLoad(char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
+__declspec(dllexport) bool __stdcall StaticFileLoadW(wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
+__declspec(dllexport) bool __stdcall StaticFileUnload(char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool __stdcall StaticFileUnloadW(wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool __stdcall StaticFileOpen(char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
+__declspec(dllexport) bool __stdcall StaticFileOpenW(wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
+__declspec(dllexport) bool __stdcall StaticFileGetContent(HANDLE FileHandle, DWORD FilePositionLow, LPDWORD FilePositionHigh, void* Buffer, DWORD Size);
+__declspec(dllexport) void __stdcall StaticFileClose(HANDLE FileHandle);
+__declspec(dllexport) void __stdcall StaticMemoryDecrypt(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
+__declspec(dllexport) void __stdcall StaticMemoryDecryptEx(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, void* DecryptionCallBack);
+__declspec(dllexport) void __stdcall StaticMemoryDecryptSpecial(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, DWORD SpecDecryptionType, void* DecryptionCallBack);
+__declspec(dllexport) void __stdcall StaticSectionDecrypt(ULONG_PTR FileMapVA, DWORD SectionNumber, bool SimulateLoad, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
+__declspec(dllexport) bool __stdcall StaticMemoryDecompress(void* Source, DWORD SourceSize, void* Destination, DWORD DestinationSize, int Algorithm);
+__declspec(dllexport) bool __stdcall StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, char* szDumpFileName);
+__declspec(dllexport) bool __stdcall StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, wchar_t* szDumpFileName);
+__declspec(dllexport) bool __stdcall StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, char* szDumpFileName);
+__declspec(dllexport) bool __stdcall StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, wchar_t* szDumpFileName);
+__declspec(dllexport) bool __stdcall StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, char* szDumpFileName);
+__declspec(dllexport) bool __stdcall StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, wchar_t* szDumpFileName);
+__declspec(dllexport) bool __stdcall StaticHashMemory(void* MemoryToHash, DWORD SizeOfMemory, void* HashDigest, bool OutputString, int Algorithm);
+__declspec(dllexport) bool __stdcall StaticHashFileW(wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm);
+__declspec(dllexport) bool __stdcall StaticHashFile(char* szFileName, char* HashDigest, bool OutputString, int Algorithm);
+// TitanEngine.Engine.functions:
+__declspec(dllexport) void __stdcall EngineUnpackerInitialize(char* szFileName, char* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack);
+__declspec(dllexport) void __stdcall EngineUnpackerInitializeW(wchar_t* szFileName, wchar_t* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack);
+__declspec(dllexport) bool __stdcall EngineUnpackerSetBreakCondition(void* SearchStart, DWORD SearchSize, void* SearchPattern, DWORD PatternSize, DWORD PatternDelta, ULONG_PTR BreakType, bool SingleBreak, DWORD Parameter1, DWORD Parameter2);
+__declspec(dllexport) void __stdcall EngineUnpackerSetEntryPointAddress(ULONG_PTR UnpackedEntryPointAddress);
+__declspec(dllexport) void __stdcall EngineUnpackerFinalizeUnpacking();
+// TitanEngine.Engine.functions:
+__declspec(dllexport) void __stdcall SetEngineVariable(DWORD VariableId, bool VariableSet);
+__declspec(dllexport) bool __stdcall EngineCreateMissingDependencies(char* szFileName, char* szOutputFolder, bool LogCreatedFiles);
+__declspec(dllexport) bool __stdcall EngineCreateMissingDependenciesW(wchar_t* szFileName, wchar_t* szOutputFolder, bool LogCreatedFiles);
+__declspec(dllexport) bool __stdcall EngineFakeMissingDependencies(HANDLE hProcess);
+__declspec(dllexport) bool __stdcall EngineDeleteCreatedDependencies();
+__declspec(dllexport) bool __stdcall EngineCreateUnpackerWindow(char* WindowUnpackerTitle, char* WindowUnpackerLongTitle, char* WindowUnpackerName, char* WindowUnpackerAuthor, void* StartUnpackingCallBack);
+__declspec(dllexport) void __stdcall EngineAddUnpackerWindowLogMessage(char* szLogMessage);
+// Global.Engine.Extension.Functions:
+__declspec(dllexport) bool __stdcall ExtensionManagerIsPluginLoaded(char* szPluginName);
+__declspec(dllexport) bool __stdcall ExtensionManagerIsPluginEnabled(char* szPluginName);
+__declspec(dllexport) bool __stdcall ExtensionManagerDisableAllPlugins();
+__declspec(dllexport) bool __stdcall ExtensionManagerDisablePlugin(char* szPluginName);
+__declspec(dllexport) bool __stdcall ExtensionManagerEnableAllPlugins();
+__declspec(dllexport) bool __stdcall ExtensionManagerEnablePlugin(char* szPluginName);
+__declspec(dllexport) bool __stdcall ExtensionManagerUnloadAllPlugins();
+__declspec(dllexport) bool __stdcall ExtensionManagerUnloadPlugin(char* szPluginName);
+__declspec(dllexport) void* __stdcall ExtensionManagerGetPluginInfo(char* szPluginName);
+
+#if !defined (_WIN64)
+	#ifdef __cplusplus
+}
+	#endif /*__cplusplus*/
+#endif

TitanEngine/distorm.h

@@ -0,0 +1,104 @@
+/* diStorm64 1.7.28 */
+
+/*
+distorm.h
+
+Copyright (C) 2003-2008 Gil Dabah, http://ragestorm.net/distorm/
+This library is licensed under the BSD license. See the file COPYING.
+
+This file is used in win32proj and linuxproj.
+*/
+
+/*
+ * 64 bit offsets support:
+ * If the diStorm library you use was compiled with 64 bits offsets,
+ * make sure you compile your own code with the following macro set:
+ * SUPPORT_64BIT_OFFSET
+ * Otherwise comment it out, or you will get a linker error of an unresolved symbol...
+ */
+// TINYC has a problem with some 64bits library functions, so pass.
+#ifndef __TINYC__
+	#define SUPPORT_64BIT_OFFSET
+#endif
+
+/* If your compiler doesn't support stdint.h, define your own 64 bits type. */
+#ifdef SUPPORT_64BIT_OFFSET
+	#ifdef _MSC_VER
+		#define OFFSET_INTEGER unsigned __int64
+	#else
+		#include <stdint.h>
+		#define OFFSET_INTEGER uint64_t
+	#endif
+#else
+	/* 32 bit offsets are used. */
+	#define OFFSET_INTEGER unsigned long
+#endif
+
+
+/* Support C++ compilers */
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Decodes modes of the disassembler, 16 bits or 32 bits or 64 bits for AMD64, x86-64. */
+typedef enum {Decode16Bits = 0, Decode32Bits = 1, Decode64Bits = 2} _DecodeType;
+
+typedef OFFSET_INTEGER _OffsetType;
+
+/* Static size of strings. Do not change this value. */
+#define MAX_TEXT_SIZE (60)
+typedef struct {
+	unsigned int length;
+	unsigned char p[MAX_TEXT_SIZE]; /* p is a null terminated string. */
+} _WString;
+
+/* This structure holds all information the disassembler generates per instruction. */
+typedef struct {
+	_WString mnemonic; /* Mnemonic of decoded instruction, prefixed if required by REP, LOCK etc. */
+	_WString operands; /* Operands of the decoded instruction, up to 3 operands, comma-seperated. */
+	_WString instructionHex; /* Hex dump - little endian, including prefixes. */
+	unsigned int size; /* Size of decoded instruction. */
+	_OffsetType offset; /* Start offset of the decoded instruction. */
+} _DecodedInst;
+
+/* Return code of the decoding function. */
+typedef enum {DECRES_NONE, DECRES_SUCCESS, DECRES_MEMORYERR, DECRES_INPUTERR} _DecodeResult;
+
+/* distorm_decode
+ * Input:
+ *         offset - Origin of the given code (virtual address that is), NOT an offset in code.
+ *         code - Pointer to the code buffer to be disassembled.
+ *         length - Amount of bytes that should be decoded from the code buffer.
+ *         dt - Decoding mode, 16 bits (Decode16Bits), 32 bits (Decode32Bits) or AMD64 (Decode64Bits).
+ *         result - Array of type _DecodeInst which will be used by this function in order to return the disassembled instructions.
+ *         maxInstructions - The maximum number of entries in the result array that you pass to this function, so it won't exceed its bound.
+ *         usedInstructionsCount - Number of the instruction that successfully were disassembled and written to the result array.
+ * Output: usedInstructionsCount will hold the number of entries used in the result array
+ *         and the result array itself will be filled with the disassembled instructions.
+ * Return: DECRES_SUCCESS on success (no more to disassemble), DECRES_INPUTERR on input error (null code buffer, invalid decoding mode, etc...),
+ *         DECRES_MEMORYERR when there are not enough entries to use in the result array, BUT YOU STILL have to check for usedInstructionsCount!
+ * Side-Effects: Even if the return code is DECRES_MEMORYERR, there might STILL be data in the
+ *               array you passed, this function will try to use as much entries as possible!
+ * Notes:  1)The minimal size of maxInstructions is 15.
+ *         2)You will have to synchronize the offset,code and length by yourself if you pass code fragments and not a complete code block!
+ */
+#ifdef SUPPORT_64BIT_OFFSET
+	_DecodeResult distorm_decode64(_OffsetType codeOffset, const unsigned char* code, int codeLen, _DecodeType dt, _DecodedInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount);
+	#define distorm_decode distorm_decode64
+#else
+	_DecodeResult distorm_decode32(_OffsetType codeOffset, const unsigned char* code, int codeLen, _DecodeType dt, _DecodedInst result[], unsigned int maxInstructions, unsigned int* usedInstructionsCount);
+	#define distorm_decode distorm_decode32
+#endif
+
+/*
+ * distorm_version
+ * Input:
+ *        none
+ *
+ * Output: unsigned int - version of compiler library.
+ */
+unsigned int distorm_version();
+
+#ifdef __cplusplus
+} /* End Of Extern */
+#endif

TitanEngine/dllmain.cpp

@@ -0,0 +1,19 @@
+// dllmain.cpp : Defines the entry point for the DLL application.
+#include "stdafx.h"
+
+/*BOOL APIENTRY DllMain( HMODULE hModule,
+                       DWORD  ul_reason_for_call,
+                       LPVOID lpReserved
+					 )
+{
+	switch (ul_reason_for_call)
+	{
+	case DLL_PROCESS_ATTACH:
+		engineHandle = hModule;
+	case DLL_THREAD_ATTACH:
+	case DLL_THREAD_DETACH:
+	case DLL_PROCESS_DETACH:
+		break;
+	}
+	return TRUE;
+}*/

TitanEngine/resource.h

@@ -0,0 +1,36 @@
+//{{NO_DEPENDENCIES}}
+// Microsoft Visual C++ generated include file.
+// Used by TitanEngine.rc
+//
+#define ID_MANIFEST_RESOURCE            1
+#define IDD_UNPACKERTITLE               101
+#define IDD_MAINWINDOW                  103
+#define IDM_ABOUT                       104
+#define IDM_EXIT                        105
+#define IDI_MYUNPACKER                  107
+#define IDI_SMALL                       108
+#define IDC_MYUNPACKER                  109
+#define IDI_ICON2                       113
+#define IDR_MAINFRAME                   128
+#define IDB_BITMAP1                     130
+#define IDB_BITMAP2                     131
+#define IDI_ICON1                       132
+#define IDC_REALING                     700
+#define IDC_UNPACK                      701
+#define IDC_BROWSE                      702
+#define IDC_ABOUT                       703
+#define IDC_EXIT                        704
+#define IDC_FILENAME                    705
+#define IDC_COPYOVERLAY                 706
+#define IDC_LISTBOX                     800
+
+// Next default values for new objects
+// 
+#ifdef APSTUDIO_INVOKED
+#ifndef APSTUDIO_READONLY_SYMBOLS
+#define _APS_NEXT_RESOURCE_VALUE        114
+#define _APS_NEXT_COMMAND_VALUE         40001
+#define _APS_NEXT_CONTROL_VALUE         1001
+#define _APS_NEXT_SYMED_VALUE           102
+#endif
+#endif

TitanEngine/stdafx.cpp

@@ -0,0 +1,8 @@
+// stdafx.cpp : source file that includes just the standard includes
+// UnpackerEngine.pch will be the pre-compiled header
+// stdafx.obj will contain the pre-compiled type information
+
+#include "stdafx.h"
+
+// TODO: reference any additional headers you need in STDAFX.H
+// and not in this file

TitanEngine/stdafx.h

@@ -0,0 +1,852 @@
+// stdafx.h : include file for standard system include files,
+// or project specific include files that are used frequently, but
+// are changed infrequently
+//
+
+#pragma once
+#include "targetver.h"
+
+// Build switches
+//#define TITANENGINE_BUILD_ASM_LIB
+
+#define WIN32_LEAN_AND_MEAN             // Exclude rarely-used stuff from Windows headers
+// Windows Header Files:
+#include <windows.h>
+#include <Winternl.h>
+
+#if !defined(_WIN64)
+	#include "aplib.h"
+#endif
+#include "LzmaDec.h"
+
+#define UE_PLATFORM_x86 1
+#define UE_PLATFORM_x64 2
+#define UE_PLATFORM_ALL 3
+
+#define STATUS_SUCCESS ((NTSTATUS)0x00000000L) // ntsubauth
+
+// Engine.Internal:
+#define TITANENGINE_PAGESIZE 0x1000
+#define MAX_IMPORT_ALLOC 256 * 256
+#define MAX_RELOC_ALLOC 1024 * 1024
+#define UE_MAX_RESERVED_MEMORY_LEFT 32
+#define MAXIMUM_SECTION_NUMBER 32
+#define MAX_DECODE_INSTRUCTIONS 32
+#define MAX_INSTRUCTIONS (1000)
+#define MAXIMUM_BREAKPOINTS 1000
+#define MAXIMUM_INSTRUCTION_SIZE 40
+#define MAX_RET_SEARCH_INSTRUCTIONS 100
+
+#define UE_OPTION_IMPORTER_REALIGN_LOCAL_APIADDRESS 0
+#define UE_OPTION_IMPORTER_REALIGN_APIADDRESS 1
+#define UE_OPTION_IMPORTER_RETURN_APINAME 2
+#define UE_OPTION_IMPORTER_RETURN_APIADDRESS 3
+#define UE_OPTION_IMPORTER_RETURN_DLLNAME 4
+#define UE_OPTION_IMPORTER_RETURN_DLLINDEX 5
+#define UE_OPTION_IMPORTER_RETURN_DLLBASE 6
+#define UE_OPTION_IMPORTER_RETURN_FORWARDER_DLLNAME 7
+#define UE_OPTION_IMPORTER_RETURN_FORWARDER_DLLINDEX 8
+#define UE_OPTION_IMPORTER_RETURN_FORWARDER_APINAME 9
+#define UE_OPTION_IMPORTER_RETURN_FORWARDER_API_ORDINAL_NUMBER 10
+#define UE_OPTION_IMPORTER_RETURN_NEAREST_APIADDRESS 11
+#define UE_OPTION_IMPORTER_RETURN_NEAREST_APINAME 12
+#define UE_OPTION_IMPORTER_RETURN_API_ORDINAL_NUMBER 13
+
+typedef struct{
+	char PluginName[64];
+	DWORD PluginMajorVersion;
+	DWORD PluginMinorVersion;
+	HMODULE PluginBaseAddress;
+	void* TitanDebuggingCallBack;
+	void* TitanRegisterPlugin;
+	void* TitanReleasePlugin;
+	void* TitanResetPlugin;
+	bool PluginDisabled;
+}PluginInformation, *PPluginInformation;
+
+typedef struct{
+	ULONG_PTR BreakPointAddress;
+	ULONG_PTR Parameter1;
+	ULONG_PTR Parameter2;
+	int SnapShotNumber;
+	bool SingleBreak;
+}UnpackerInformation, *PUnpackerInformation;
+
+typedef struct{
+	bool ExpertModeActive;
+	wchar_t* szFileName;
+	bool ReserveModuleBase;
+	wchar_t* szCommandLine;
+	wchar_t* szCurrentFolder;
+	LPVOID EntryCallBack;
+}ExpertDebug, *PExpertDebug;
+
+typedef struct{
+	ULONG_PTR fLoadLibrary;
+	ULONG_PTR fFreeLibrary;
+	ULONG_PTR fGetModuleHandle;
+	ULONG_PTR fGetProcAddress;
+	ULONG_PTR fVirtualFree;
+	ULONG_PTR fExitProcess;
+	HMODULE fFreeLibraryHandle;
+	DWORD fExitProcessCode;
+}InjectCodeData, *PInjectCodeData;
+
+typedef struct{
+	ULONG_PTR fTrace;
+	ULONG_PTR fCreateFileA;
+	ULONG_PTR fCloseHandle;
+	ULONG_PTR fCreateFileMappingA;
+	ULONG_PTR AddressToTrace;
+}InjectImpRecCodeData, *PInjectImpRecCodeData;
+
+#define UE_MAX_BREAKPOINT_SIZE 2
+#define UE_BREAKPOINT_INT3 1
+#define UE_BREAKPOINT_LONG_INT3 2
+#define UE_BREAKPOINT_UD2 3
+
+typedef struct{
+	BYTE BreakPointActive;
+	ULONG_PTR BreakPointAddress;
+	DWORD BreakPointSize;
+	BYTE OriginalByte[10];
+	int BreakPointType;
+	int AdvancedBreakPointType;
+	int MemoryBpxRestoreOnHit;
+	DWORD NumberOfExecutions;
+	DWORD CmpRegister;
+	int CmpCondition;
+	ULONG_PTR CmpValue;
+	ULONG_PTR ExecuteCallBack;
+	ULONG_PTR CompareCallBack;
+	ULONG_PTR RemoveCallBack;
+	DWORD UniqueLinkId;
+}BreakPointDetail, *PBreakPointDetail;
+
+typedef struct{
+	bool DrxEnabled;
+	bool DrxExecution;
+	DWORD DrxBreakPointType;
+	DWORD DrxBreakPointSize;
+	ULONG_PTR DrxBreakAddress;
+	ULONG_PTR DrxCallBack;
+}HARDWARE_DATA, *PHARDWARE_DATA;
+
+typedef struct{
+	ULONG_PTR chBreakPoint;
+	ULONG_PTR chSingleStep;
+	ULONG_PTR chAccessViolation;
+	ULONG_PTR chIllegalInstruction;
+	ULONG_PTR chNonContinuableException;
+	ULONG_PTR chArrayBoundsException;
+	ULONG_PTR chFloatDenormalOperand;
+	ULONG_PTR chFloatDevideByZero;
+	ULONG_PTR chIntegerDevideByZero;
+	ULONG_PTR chIntegerOverflow;
+	ULONG_PTR chPrivilegedInstruction;
+	ULONG_PTR chPageGuard;
+	ULONG_PTR chEverythingElse;
+	ULONG_PTR chCreateThread;
+	ULONG_PTR chExitThread;
+	ULONG_PTR chCreateProcess;
+	ULONG_PTR chExitProcess;
+	ULONG_PTR chLoadDll;
+	ULONG_PTR chUnloadDll;
+	ULONG_PTR chOutputDebugString;
+	ULONG_PTR chAfterException;
+	ULONG_PTR chSystemBreakpoint;
+	ULONG_PTR chUnhandledException;
+	ULONG_PTR chAfterUnhandledException;
+}CustomHandler, *PCustomHandler;
+
+typedef struct{
+	DWORD OrdinalBase;
+	DWORD NumberOfExportFunctions;
+	char FileName[512];
+}EXPORT_DATA, *PEXPORT_DATA;
+
+typedef struct{
+	DWORD ExportedItem;
+}EXPORTED_DATA, *PEXPORTED_DATA;
+
+typedef struct{
+	WORD OrdinalNumber;
+}EXPORTED_DATA_WORD, *PEXPORTED_DATA_WORD;
+
+typedef struct{
+	BYTE DataByte[50];
+}MEMORY_CMP_HANDLER, *PMEMORY_CMP_HANDLER;
+
+typedef struct{
+	BYTE DataByte;
+}MEMORY_CMP_BYTE_HANDLER, *PMEMORY_CMP_BYTE_HANDLER;
+
+typedef struct MEMORY_COMPARE_HANDLER{
+	union {
+		BYTE bArrayEntry[1];
+		WORD wArrayEntry[1];
+		DWORD dwArrayEntry[1];
+		DWORD64 qwArrayEntry[1];
+	} Array;
+}MEMORY_COMPARE_HANDLER, *PMEMORY_COMPARE_HANDLER;
+
+#define MAX_DEBUG_DATA 512
+
+typedef struct{
+	HANDLE hThread;
+	DWORD dwThreadId;
+	void* ThreadStartAddress;
+	void* ThreadLocalBase;
+}THREAD_ITEM_DATA, *PTHREAD_ITEM_DATA;
+
+typedef struct{
+	HANDLE hProcess;
+	DWORD dwProcessId;
+	HANDLE hThread;
+	DWORD dwThreadId;
+	HANDLE hFile;
+	void* BaseOfImage;
+	void* ThreadStartAddress;
+	void* ThreadLocalBase;
+}PROCESS_ITEM_DATA, *PPROCESS_ITEM_DATA;
+
+typedef struct{
+    HANDLE hFile;
+	void* BaseOfDll;
+	HANDLE hFileMapping;
+	void* hFileMappingView;
+	char szLibraryPath[MAX_PATH];
+	char szLibraryName[MAX_PATH];
+}LIBRARY_ITEM_DATA, *PLIBRARY_ITEM_DATA;
+
+typedef struct{
+    HANDLE hFile;
+	void* BaseOfDll;
+	HANDLE hFileMapping;
+	void* hFileMappingView;
+	wchar_t szLibraryPath[MAX_PATH];
+	wchar_t szLibraryName[MAX_PATH];
+}LIBRARY_ITEM_DATAW, *PLIBRARY_ITEM_DATAW;
+
+#define MAX_LIBRARY_BPX 64
+#define UE_ON_LIB_LOAD 1
+#define UE_ON_LIB_UNLOAD 2
+#define UE_ON_LIB_ALL 3
+
+typedef struct{
+	char szLibraryName[128];
+	void* bpxCallBack;
+	bool bpxSingleShoot;
+	int bpxType;
+}LIBRARY_BREAK_DATA, *PLIBRARY_BREAK_DATA;
+
+#define TEE_MAXIMUM_HOOK_SIZE 14
+#if defined(_WIN64)
+	#define TEE_MAXIMUM_HOOK_INSERT_SIZE 14
+#else
+	#define TEE_MAXIMUM_HOOK_INSERT_SIZE 5
+#endif
+
+#define TEE_HOOK_NRM_JUMP 1
+#define TEE_HOOK_NRM_CALL 3
+#define TEE_HOOK_IAT 5
+#define TEE_MAXIMUM_HOOK_RELOCS 7
+
+typedef struct HOOK_ENTRY{
+	bool IATHook;
+	BYTE HookType;
+	DWORD HookSize;
+	void* HookAddress;
+	void* RedirectionAddress;
+	BYTE HookBytes[TEE_MAXIMUM_HOOK_SIZE];
+	BYTE OriginalBytes[TEE_MAXIMUM_HOOK_SIZE];
+	void* IATHookModuleBase;
+	DWORD IATHookNameHash;
+	bool HookIsEnabled;
+	bool HookIsRemote;
+	void* PatchedEntry;
+	DWORD RelocationInfo[TEE_MAXIMUM_HOOK_RELOCS];
+	int RelocationCount;
+}HOOK_ENTRY, *PHOOK_ENTRY;
+
+// Engine.External:
+#define UE_ACCESS_READ 0
+#define UE_ACCESS_WRITE 1
+#define UE_ACCESS_ALL 2
+
+#define UE_HIDE_BASIC 1
+
+#define UE_PLUGIN_CALL_REASON_PREDEBUG 1
+#define UE_PLUGIN_CALL_REASON_EXCEPTION 2
+#define UE_PLUGIN_CALL_REASON_POSTDEBUG 3
+
+#define UE_ENGINE_ALOW_MODULE_LOADING 1
+#define UE_ENGINE_AUTOFIX_FORWARDERS 2
+#define UE_ENGINE_PASS_ALL_EXCEPTIONS 3
+#define UE_ENGINE_NO_CONSOLE_WINDOW 4
+#define UE_ENGINE_BACKUP_FOR_CRITICAL_FUNCTIONS 5
+#define UE_ENGINE_CALL_PLUGIN_CALLBACK 6
+#define UE_ENGINE_RESET_CUSTOM_HANDLER 7
+#define UE_ENGINE_CALL_PLUGIN_DEBUG_CALLBACK 8
+
+#define UE_OPTION_REMOVEALL 1
+#define UE_OPTION_DISABLEALL 2
+#define UE_OPTION_REMOVEALLDISABLED 3
+#define UE_OPTION_REMOVEALLENABLED 4
+
+#define UE_STATIC_DECRYPTOR_XOR 1
+#define UE_STATIC_DECRYPTOR_SUB 2
+#define UE_STATIC_DECRYPTOR_ADD 3
+
+#define UE_STATIC_DECRYPTOR_FOREWARD 1
+#define UE_STATIC_DECRYPTOR_BACKWARD 2
+
+#define UE_STATIC_KEY_SIZE_1 1
+#define UE_STATIC_KEY_SIZE_2 2
+#define UE_STATIC_KEY_SIZE_4 4
+#define UE_STATIC_KEY_SIZE_8 8
+
+#define UE_STATIC_APLIB 1
+#define UE_STATIC_APLIB_DEPACK 2
+#define UE_STATIC_LZMA 3
+
+#define UE_STATIC_HASH_MD5 1
+#define UE_STATIC_HASH_SHA1 2
+#define UE_STATIC_HASH_CRC32 3
+
+#define UE_RESOURCE_LANGUAGE_ANY -1
+
+#define UE_PE_OFFSET 0
+#define UE_IMAGEBASE 1
+#define UE_OEP 2
+#define UE_SIZEOFIMAGE 3
+#define UE_SIZEOFHEADERS 4
+#define UE_SIZEOFOPTIONALHEADER 5
+#define UE_SECTIONALIGNMENT 6
+#define UE_IMPORTTABLEADDRESS 7
+#define UE_IMPORTTABLESIZE 8
+#define UE_RESOURCETABLEADDRESS 9
+#define UE_RESOURCETABLESIZE 10
+#define UE_EXPORTTABLEADDRESS 11
+#define UE_EXPORTTABLESIZE 12
+#define UE_TLSTABLEADDRESS 13
+#define UE_TLSTABLESIZE 14
+#define UE_RELOCATIONTABLEADDRESS 15
+#define UE_RELOCATIONTABLESIZE 16
+#define UE_TIMEDATESTAMP 17
+#define UE_SECTIONNUMBER 18
+#define UE_CHECKSUM 19
+#define UE_SUBSYSTEM 20
+#define UE_CHARACTERISTICS 21
+#define UE_NUMBEROFRVAANDSIZES 22
+#define UE_SECTIONNAME 23
+#define UE_SECTIONVIRTUALOFFSET 24
+#define UE_SECTIONVIRTUALSIZE 25
+#define UE_SECTIONRAWOFFSET 26
+#define UE_SECTIONRAWSIZE 27
+#define UE_SECTIONFLAGS 28
+
+#define UE_CH_BREAKPOINT 1
+#define UE_CH_SINGLESTEP 2
+#define UE_CH_ACCESSVIOLATION 3
+#define UE_CH_ILLEGALINSTRUCTION 4
+#define UE_CH_NONCONTINUABLEEXCEPTION 5
+#define UE_CH_ARRAYBOUNDSEXCEPTION 6
+#define UE_CH_FLOATDENORMALOPERAND 7
+#define UE_CH_FLOATDEVIDEBYZERO 8
+#define UE_CH_INTEGERDEVIDEBYZERO 9
+#define UE_CH_INTEGEROVERFLOW 10
+#define UE_CH_PRIVILEGEDINSTRUCTION 11
+#define UE_CH_PAGEGUARD 12
+#define UE_CH_EVERYTHINGELSE 13
+#define UE_CH_CREATETHREAD 14
+#define UE_CH_EXITTHREAD 15
+#define UE_CH_CREATEPROCESS 16
+#define UE_CH_EXITPROCESS 17
+#define UE_CH_LOADDLL 18
+#define UE_CH_UNLOADDLL 19
+#define UE_CH_OUTPUTDEBUGSTRING 20
+#define UE_CH_AFTEREXCEPTIONPROCESSING 21
+#define UE_CH_ALLEVENTS 22
+#define UE_CH_SYSTEMBREAKPOINT 23
+#define UE_CH_UNHANDLEDEXCEPTION 24
+#define UE_CH_AFTERUNHANDLEDEXCEPTION 25
+
+#define UE_OPTION_HANDLER_RETURN_HANDLECOUNT 1
+#define UE_OPTION_HANDLER_RETURN_ACCESS 2
+#define UE_OPTION_HANDLER_RETURN_FLAGS 3
+#define UE_OPTION_HANDLER_RETURN_TYPENAME 4
+#define UE_OPTION_HANDLER_RETURN_TYPENAME_UNICODE 5
+
+typedef struct{
+	ULONG ProcessId;
+	HANDLE hHandle;
+}HandlerArray, *PHandlerArray;
+
+#define UE_BPXREMOVED 0
+#define UE_BPXACTIVE 1
+#define UE_BPXINACTIVE 2
+
+#define UE_BREAKPOINT 0
+#define UE_SINGLESHOOT 1
+#define UE_HARDWARE 2
+#define UE_MEMORY 3
+#define UE_MEMORY_READ 4
+#define UE_MEMORY_WRITE 5
+#define UE_BREAKPOINT_TYPE_INT3 0x10000000
+#define UE_BREAKPOINT_TYPE_LONG_INT3 0x20000000
+#define UE_BREAKPOINT_TYPE_UD2 0x30000000
+
+#define UE_HARDWARE_EXECUTE 4
+#define UE_HARDWARE_WRITE 5
+#define UE_HARDWARE_READWRITE 6
+
+#define UE_HARDWARE_SIZE_1 7
+#define UE_HARDWARE_SIZE_2 8
+#define UE_HARDWARE_SIZE_4 9
+
+#define UE_APISTART 0
+#define UE_APIEND 1
+
+#define UE_FUNCTION_STDCALL 1
+#define UE_FUNCTION_CCALL 2
+#define UE_FUNCTION_FASTCALL 3
+#define UE_FUNCTION_STDCALL_RET 4
+#define UE_FUNCTION_CCALL_RET 5
+#define UE_FUNCTION_FASTCALL_RET 6
+#define UE_FUNCTION_STDCALL_CALL 7
+#define UE_FUNCTION_CCALL_CALL 8
+#define UE_FUNCTION_FASTCALL_CALL 9
+#define UE_PARAMETER_BYTE 0
+#define UE_PARAMETER_WORD 1
+#define UE_PARAMETER_DWORD 2
+#define UE_PARAMETER_QWORD 3
+#define UE_PARAMETER_PTR_BYTE 4
+#define UE_PARAMETER_PTR_WORD 5
+#define UE_PARAMETER_PTR_DWORD 6
+#define UE_PARAMETER_PTR_QWORD 7
+#define UE_PARAMETER_STRING 8
+#define UE_PARAMETER_UNICODE 9
+
+#define UE_CMP_NOCONDITION 0
+#define UE_CMP_EQUAL 1
+#define UE_CMP_NOTEQUAL 2
+#define UE_CMP_GREATER 3
+#define UE_CMP_GREATEROREQUAL 4
+#define UE_CMP_LOWER 5
+#define UE_CMP_LOWEROREQUAL 6
+#define UE_CMP_REG_EQUAL 7
+#define UE_CMP_REG_NOTEQUAL 8
+#define UE_CMP_REG_GREATER 9
+#define UE_CMP_REG_GREATEROREQUAL 10
+#define UE_CMP_REG_LOWER 11
+#define UE_CMP_REG_LOWEROREQUAL 12
+#define UE_CMP_ALWAYSFALSE 13
+
+#define UE_EAX 1
+#define UE_EBX 2
+#define UE_ECX 3
+#define UE_EDX 4
+#define UE_EDI 5
+#define UE_ESI 6
+#define UE_EBP 7
+#define UE_ESP 8
+#define UE_EIP 9
+#define UE_EFLAGS 10
+#define UE_DR0 11
+#define UE_DR1 12
+#define UE_DR2 13
+#define UE_DR3 14
+#define UE_DR6 15
+#define UE_DR7 16
+#define UE_RAX 17
+#define UE_RBX 18
+#define UE_RCX 19
+#define UE_RDX 20
+#define UE_RDI 21
+#define UE_RSI 22
+#define UE_RBP 23
+#define UE_RSP 24
+#define UE_RIP 25
+#define UE_RFLAGS 26
+#define UE_R8 27
+#define UE_R9 28
+#define UE_R10 29
+#define UE_R11 30
+#define UE_R12 31
+#define UE_R13 32
+#define UE_R14 33
+#define UE_R15 34
+#define UE_CIP 35
+#define UE_CSP 36
+#define UE_SEG_GS 37
+#define UE_SEG_FS 38
+#define UE_SEG_ES 39
+#define UE_SEG_DS 40
+#define UE_SEG_CS 41
+#define UE_SEG_SS 42
+
+typedef struct{
+	DWORD PE32Offset;
+	DWORD ImageBase;
+    DWORD OriginalEntryPoint;
+    DWORD NtSizeOfImage;
+    DWORD NtSizeOfHeaders;
+    WORD SizeOfOptionalHeaders;
+	DWORD FileAlignment;
+    DWORD SectionAligment;
+    DWORD ImportTableAddress;
+	DWORD ImportTableSize;
+    DWORD ResourceTableAddress;
+    DWORD ResourceTableSize;
+    DWORD ExportTableAddress;
+    DWORD ExportTableSize;
+    DWORD TLSTableAddress;
+    DWORD TLSTableSize;
+    DWORD RelocationTableAddress;
+    DWORD RelocationTableSize;
+    DWORD TimeDateStamp;
+    WORD SectionNumber;
+    DWORD CheckSum;
+	WORD SubSystem;
+	WORD Characteristics;
+	DWORD NumberOfRvaAndSizes;
+}PE32Struct, *PPE32Struct;
+
+typedef struct{
+	DWORD PE64Offset;
+	DWORD64 ImageBase;
+    DWORD OriginalEntryPoint;
+    DWORD NtSizeOfImage;
+    DWORD NtSizeOfHeaders;
+    WORD SizeOfOptionalHeaders;
+	DWORD FileAlignment;
+    DWORD SectionAligment;
+    DWORD ImportTableAddress;
+	DWORD ImportTableSize;
+    DWORD ResourceTableAddress;
+    DWORD ResourceTableSize;
+    DWORD ExportTableAddress;
+    DWORD ExportTableSize;
+    DWORD TLSTableAddress;
+    DWORD TLSTableSize;
+    DWORD RelocationTableAddress;
+    DWORD RelocationTableSize;
+    DWORD TimeDateStamp;
+    WORD SectionNumber;
+    DWORD CheckSum;
+	WORD SubSystem;
+	WORD Characteristics;
+	DWORD NumberOfRvaAndSizes;
+}PE64Struct, *PPE64Struct;
+
+typedef struct{
+	bool NewDll;
+	int NumberOfImports;
+	ULONG_PTR ImageBase;
+	ULONG_PTR BaseImportThunk;
+	ULONG_PTR ImportThunk;
+	char* APIName;
+	char* DLLName;
+}ImportEnumData, *PImportEnumData;
+
+#define UE_DEPTH_SURFACE 0
+#define UE_DEPTH_DEEP 1
+
+#define UE_UNPACKER_CONDITION_SEARCH_FROM_EP 1
+
+#define UE_UNPACKER_CONDITION_LOADLIBRARY 1
+#define UE_UNPACKER_CONDITION_GETPROCADDRESS 2
+#define UE_UNPACKER_CONDITION_ENTRYPOINTBREAK 3
+#define UE_UNPACKER_CONDITION_RELOCSNAPSHOT1 4
+#define UE_UNPACKER_CONDITION_RELOCSNAPSHOT2 5
+
+#define UE_FIELD_OK 0
+#define UE_FIELD_BROKEN_NON_FIXABLE 1
+#define UE_FIELD_BROKEN_NON_CRITICAL 2
+#define UE_FIELD_BROKEN_FIXABLE_FOR_STATIC_USE 3
+#define UE_FIELD_BROKEN_BUT_CAN_BE_EMULATED 4
+#define UE_FILED_FIXABLE_NON_CRITICAL 5
+#define UE_FILED_FIXABLE_CRITICAL 6
+#define UE_FIELD_NOT_PRESET 7
+#define UE_FIELD_NOT_PRESET_WARNING 8
+
+#define UE_RESULT_FILE_OK 10
+#define UE_RESULT_FILE_INVALID_BUT_FIXABLE 11
+#define UE_RESULT_FILE_INVALID_AND_NON_FIXABLE 12
+#define UE_RESULT_FILE_INVALID_FORMAT 13
+
+typedef struct{
+	BYTE OveralEvaluation;
+	bool EvaluationTerminatedByException;
+	bool FileIs64Bit;
+	bool FileIsDLL;
+	bool FileIsConsole;
+	bool MissingDependencies;
+	bool MissingDeclaredAPIs;
+	BYTE SignatureMZ;
+	BYTE SignaturePE;
+	BYTE EntryPoint;
+	BYTE ImageBase;
+	BYTE SizeOfImage;
+	BYTE FileAlignment;
+	BYTE SectionAlignment;
+	BYTE ExportTable;
+	BYTE RelocationTable;
+	BYTE ImportTable;
+	BYTE ImportTableSection;
+	BYTE ImportTableData;
+	BYTE IATTable;
+	BYTE TLSTable;
+	BYTE LoadConfigTable;
+	BYTE BoundImportTable;
+	BYTE COMHeaderTable;
+	BYTE ResourceTable;
+	BYTE ResourceData;
+	BYTE SectionTable;
+}FILE_STATUS_INFO, *PFILE_STATUS_INFO;
+
+typedef struct{
+	BYTE OveralEvaluation;
+	bool FixingTerminatedByException;
+	bool FileFixPerformed;
+	bool StrippedRelocation;
+	bool DontFixRelocations;
+	DWORD OriginalRelocationTableAddress;
+	DWORD OriginalRelocationTableSize;
+	bool StrippedExports;
+	bool DontFixExports;
+	DWORD OriginalExportTableAddress;
+	DWORD OriginalExportTableSize;
+	bool StrippedResources;
+	bool DontFixResources;
+	DWORD OriginalResourceTableAddress;
+	DWORD OriginalResourceTableSize;
+	bool StrippedTLS;
+	bool DontFixTLS;
+	DWORD OriginalTLSTableAddress;
+	DWORD OriginalTLSTableSize;
+	bool StrippedLoadConfig;
+	bool DontFixLoadConfig;
+	DWORD OriginalLoadConfigTableAddress;
+	DWORD OriginalLoadConfigTableSize;
+	bool StrippedBoundImports;
+	bool DontFixBoundImports;
+	DWORD OriginalBoundImportTableAddress;
+	DWORD OriginalBoundImportTableSize;
+	bool StrippedIAT;
+	bool DontFixIAT;
+	DWORD OriginalImportAddressTableAddress;
+	DWORD OriginalImportAddressTableSize;
+	bool StrippedCOM;
+	bool DontFixCOM;
+	DWORD OriginalCOMTableAddress;
+	DWORD OriginalCOMTableSize;
+}FILE_FIX_INFO, *PFILE_FIX_INFO;
+
+typedef struct{
+	void* AllocatedSection;
+	DWORD SectionVirtualOffset;
+	DWORD SectionVirtualSize;
+	DWORD SectionAttributes;
+	DWORD SectionDataHash;
+	bool AccessedAlready;
+	bool WriteCheckMode;
+}TracerSectionData, *PTracerSectionData;
+
+typedef struct{
+	int SectionNumber;
+	TracerSectionData SectionData[MAXIMUM_SECTION_NUMBER];
+	int OriginalEntryPointNum;
+	ULONG_PTR OriginalImageBase;
+	ULONG_PTR OriginalEntryPoint;
+	ULONG_PTR LoadedImageBase;
+	ULONG_PTR SizeOfImage;
+	ULONG_PTR CurrentIntructionPointer;
+	ULONG_PTR MemoryAccessedFrom;
+	ULONG_PTR MemoryAccessed;
+	ULONG_PTR AccessType;
+	void* InitCallBack;
+	void* EPCallBack;
+	bool FileIsDLL;
+	bool FileIs64bit;
+}GenericOEPTracerData, *PGenericOEPTracerData;
+
+// UnpackEngine.Handler:
+
+#define NTDLL_SystemHandleInfo 0x10
+#define ObjectBasicInformation 0
+#define ObjectNameInformation 1
+#define ObjectTypeInformation 2
+
+/*typedef enum _POOL_TYPE {
+	NonPagedPool,
+	PagedPool,
+	NonPagedPoolMustSucceed,
+	DontUseThisType,
+	NonPagedPoolCacheAligned,
+	PagedPoolCacheAligned,
+	NonPagedPoolCacheAlignedMustS,
+	MaxPoolType,
+	NonPagedPoolSession,
+	PagedPoolSession,
+	NonPagedPoolMustSucceedSession,
+	DontUseThisTypeSession,
+	NonPagedPoolCacheAlignedSession,
+	PagedPoolCacheAlignedSession,
+	NonPagedPoolCacheAlignedMustSSession
+} POOL_TYPE;*/
+
+typedef struct{
+	ULONG ProcessId;
+	UCHAR ObjectTypeNumber;
+	UCHAR Flags; // 0x01 = PROTECT_FROM_CLOSE, 0x02 = INHERIT
+	USHORT hHandle;
+	PVOID Object;
+	ACCESS_MASK GrantedAccess;
+}NTDLL_QUERY_HANDLE_INFO, *PNTDLL_QUERY_HANDLE_INFO;
+
+/*typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION {
+	ULONG Attributes;
+	ACCESS_MASK GrantedAccess;
+	ULONG HandleCount;
+	ULONG PointerCount;
+	ULONG PagedPoolUsage;
+	ULONG NonPagedPoolUsage;
+	ULONG Reserved[3];
+	ULONG NameInformationLength;
+	ULONG TypeInformationLength;
+	ULONG SecurityDescriptorLength;
+	LARGE_INTEGER CreateTime;
+} PUBLIC_OBJECT_BASIC_INFORMATION, *PPUBLIC_OBJECT_BASIC_INFORMATION;*/
+
+typedef struct _PUBLIC_OBJECT_NAME_INFORMATION { // Information Class 1
+	UNICODE_STRING Name;
+} PUBLIC_OBJECT_NAME_INFORMATION, *PPUBLIC_OBJECT_NAME_INFORMATION;
+
+/*typedef struct _PUBLIC_OBJECT_TYPE_INFORMATION { // Information Class 2
+	UNICODE_STRING Name;
+	ULONG ObjectCount;
+	ULONG HandleCount;
+	ULONG Reserved1[4];
+	ULONG PeakObjectCount;
+	ULONG PeakHandleCount;
+	ULONG Reserved2[4];
+	ULONG InvalidAttributes;
+	GENERIC_MAPPING GenericMapping;
+	ULONG ValidAccess;
+	UCHAR Unknown;
+	BOOLEAN MaintainHandleDatabase;
+	POOL_TYPE PoolType;
+	ULONG PagedPoolUsage;
+	ULONG NonPagedPoolUsage;
+} PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;*/
+
+typedef void (*PPEBLOCKROUTINE)(
+	PVOID PebLock
+);
+
+/*typedef struct _PEB_LDR_DATA {
+  ULONG                   Length;
+  BOOLEAN                 Initialized;
+  PVOID                   SsHandle;
+  LIST_ENTRY              InLoadOrderModuleList;
+  LIST_ENTRY              InMemoryOrderModuleList;
+  LIST_ENTRY              InInitializationOrderModuleList;
+} PEB_LDR_DATA, *PPEB_LDR_DATA;*/
+
+/*typedef struct _RTL_DRIVE_LETTER_CURDIR {
+  USHORT                  Flags;
+  USHORT                  Length;
+  ULONG                   TimeStamp;
+  UNICODE_STRING          DosPath;
+} RTL_DRIVE_LETTER_CURDIR, *PRTL_DRIVE_LETTER_CURDIR;
+
+typedef struct _RTL_USER_PROCESS_PARAMETERS {
+  ULONG                   MaximumLength;
+  ULONG                   Length;
+  ULONG                   Flags;
+  ULONG                   DebugFlags;
+  PVOID                   ConsoleHandle;
+  ULONG                   ConsoleFlags;
+  HANDLE                  StdInputHandle;
+  HANDLE                  StdOutputHandle;
+  HANDLE                  StdErrorHandle;
+  UNICODE_STRING          CurrentDirectoryPath;
+  HANDLE                  CurrentDirectoryHandle;
+  UNICODE_STRING          DllPath;
+  UNICODE_STRING          ImagePathName;
+  UNICODE_STRING          CommandLine;
+  PVOID                   Environment;
+  ULONG                   StartingPositionLeft;
+  ULONG                   StartingPositionTop;
+  ULONG                   Width;
+  ULONG                   Height;
+  ULONG                   CharWidth;
+  ULONG                   CharHeight;
+  ULONG                   ConsoleTextAttributes;
+  ULONG                   WindowFlags;
+  ULONG                   ShowWindowFlags;
+  UNICODE_STRING          WindowTitle;
+  UNICODE_STRING          DesktopName;
+  UNICODE_STRING          ShellInfo;
+  UNICODE_STRING          RuntimeData;
+  RTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20];
+} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;*/
+
+typedef struct _NTPEB {
+  BOOLEAN                 InheritedAddressSpace;
+  BOOLEAN                 ReadImageFileExecOptions;
+  BOOLEAN                 BeingDebugged;
+  BOOLEAN                 Spare;
+  HANDLE                  Mutant;
+  PVOID                   ImageBaseAddress;
+  PPEB_LDR_DATA           LoaderData;
+  PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
+  PVOID                   SubSystemData;
+  PVOID                   ProcessHeap;
+  PVOID                   FastPebLock;
+  void*					  FastPebLockRoutine;
+  void*					  FastPebUnlockRoutine;
+  ULONG                   EnvironmentUpdateCount;
+  PVOID*                  KernelCallbackTable;
+  PVOID                   EventLogSection;
+  PVOID                   EventLog;
+  void*					  FreeList;
+  ULONG                   TlsExpansionCounter;
+  PVOID                   TlsBitmap;
+  ULONG                   TlsBitmapBits[0x2];
+  PVOID                   ReadOnlySharedMemoryBase;
+  PVOID                   ReadOnlySharedMemoryHeap;
+  PVOID*                  ReadOnlyStaticServerData;
+  PVOID                   AnsiCodePageData;
+  PVOID                   OemCodePageData;
+  PVOID                   UnicodeCaseTableData;
+  ULONG                   NumberOfProcessors;
+  ULONG                   NtGlobalFlag;
+  BYTE                    Spare2[0x4];
+  LARGE_INTEGER           CriticalSectionTimeout;
+  ULONG                   HeapSegmentReserve;
+  ULONG                   HeapSegmentCommit;
+  ULONG                   HeapDeCommitTotalFreeThreshold;
+  ULONG                   HeapDeCommitFreeBlockThreshold;
+  ULONG                   NumberOfHeaps;
+  ULONG                   MaximumNumberOfHeaps;
+  PVOID*                  *ProcessHeaps;
+  PVOID                   GdiSharedHandleTable;
+  PVOID                   ProcessStarterHelper;
+  PVOID                   GdiDCAttributeList;
+  PVOID                   LoaderLock;
+  ULONG                   OSMajorVersion;
+  ULONG                   OSMinorVersion;
+  ULONG                   OSBuildNumber;
+  ULONG                   OSPlatformId;
+  ULONG                   ImageSubSystem;
+  ULONG                   ImageSubSystemMajorVersion;
+  ULONG                   ImageSubSystemMinorVersion;
+  ULONG                   GdiHandleBuffer[0x22];
+  ULONG                   PostProcessInitRoutine;
+  ULONG                   TlsExpansionBitmap;
+  BYTE                    TlsExpansionBitmapBits[0x80];
+  ULONG                   SessionId;
+} NTPEB, *PNTPEB;

TitanEngine/targetver.h

@@ -0,0 +1,24 @@
+#pragma once
+
+// The following macros define the minimum required platform.  The minimum required platform
+// is the earliest version of Windows, Internet Explorer etc. that has the necessary features to run 
+// your application.  The macros work by enabling all features available on platform versions up to and 
+// including the version specified.
+
+// Modify the following defines if you have to target a platform prior to the ones specified below.
+// Refer to MSDN for the latest info on corresponding values for different platforms.
+#ifndef WINVER                          // Specifies that the minimum required platform is Windows Vista.
+#define WINVER 0x0600           // Change this to the appropriate value to target other versions of Windows.
+#endif
+
+#ifndef _WIN32_WINNT            // Specifies that the minimum required platform is Windows Vista.
+#define _WIN32_WINNT 0x0600     // Change this to the appropriate value to target other versions of Windows.
+#endif
+
+#ifndef _WIN32_WINDOWS          // Specifies that the minimum required platform is Windows 98.
+#define _WIN32_WINDOWS 0x0410 // Change this to the appropriate value to target Windows Me or later.
+#endif
+
+#ifndef _WIN32_IE                       // Specifies that the minimum required platform is Internet Explorer 7.0.
+#define _WIN32_IE 0x0700        // Change this to the appropriate value to target other versions of IE.
+#endif

TitanEngineLoaders/LibraryLoader/x32/LibraryLoader.asm

@@ -0,0 +1,31 @@
+format PE GUI
+entry start
+
+section '.text' code readable executable
+    start:
+	push szLibraryName
+	call [LoadLibraryW]
+	cmp eax,1
+	sbb ecx,ecx
+	and ecx,61703078h
+	push ecx
+	call [ExitProcess]
+
+section '.data' data readable writeable
+    szLibraryName dw 512 dup (?)
+
+section '.idata' import data readable writeable
+    dd 0,0,0,rva kernel_name,rva kernel_table
+    dd 0,0,0,0,0
+
+    kernel_table:
+	ExitProcess dd rva _ExitProcess
+	LoadLibraryW dd rva _LoadLibraryW
+	dd 0
+
+    kernel_name db 'kernel32.dll',0
+
+    _ExitProcess dw 0
+    db 'ExitProcess',0
+    _LoadLibraryW dw 0
+    db 'LoadLibraryW',0

TitanEngineLoaders/LibraryLoader/x64/LibraryLoader.asm

@@ -0,0 +1,31 @@
+format PE64 GUI
+entry start
+
+section '.text' code readable executable
+    start:
+	sub rsp,8*5
+	lea rcx,[szLibraryName]
+	call [LoadLibraryW]
+	cmp rax,1
+	sbb ecx,ecx
+	and ecx,61703078h
+	call [ExitProcess]
+
+section '.data' data readable writeable
+    szLibraryName dw 512 dup (?)
+
+section '.idata' import data readable writeable
+    dd 0,0,0,rva kernel_name,rva kernel_table
+    dd 0,0,0,0,0
+
+    kernel_table:
+	ExitProcess dq rva _ExitProcess
+	LoadLibraryW dq rva _LoadLibraryW
+	dq 0
+
+    kernel_name db 'KERNEL32.DLL',0
+
+    _ExitProcess dw 0
+    db 'ExitProcess',0
+    _LoadLibraryW dw 0
+    db 'LoadLibraryW',0