LoadLibrary is a binary instrumentation framework that loads and executes Windows PE/COFF DLLs natively within Linux processes. It provides a cross-platform binary execution layer that maps Windows portable executable files into Linux memory, resolving imports and relocations so that exported functions can be called as if they were native Linux library routines.
The framework enables runtime interception and modification of Windows DLL function behavior, including redirecting API calls to Linux-native implementations through a binary patching hook engine. It includes a code coverage auditor that records executed basic blocks in loaded DLLs and produces reports for fuzzing corpus distillation and security research. LoadLibrary also supports debugging loaded DLLs with GDB, providing full symbol support, breakpoints, and stack traces for source-level analysis.
The project covers automated security testing workflows, including fuzzing Windows libraries on Linux to find memory corruption bugs using tools like AddressSanitizer and Valgrind. It also enables porting Windows antivirus engines to Linux for scanning files, and provides a fuzzing corpus distiller that reduces large input sets to minimal subsets that still exercise all recorded code paths.
