Nim port of sliver's BOF loading approach (discussed at https://tishina.in/execution/bof-lazy-loading). Embeds the COFFLoader dll, loads it with memlib, builds the argument bytearray and defines a callback, and fires LoadAndRun (courtesy to the team behind sliver).
This PoC loads and runs whoami.o from Situational-Awareness-BOF collection without any arguments.
nimble install winim memlib ptr_math
nim c main.c
khchen (memlib/winim), trustedsec (COFFLoader/SA-BOF), sliver(LoadAndRun)