I want to show you a new feature that I added to my command line from ReactOS. So in case you have never seen this before, it's something I did several years ago. So you have this spreadsheet here. Let me open this. And this spreadsheet contains VBA code. That's the code that injects a DLL into the Excel memory. So this is the DLL. And the DLL that I wrote here is cmd.dll. So it's an adapted command line interpreter from ReactOS. So I transformed it into a DLL.

And when I do this with my special shellcode, when I run this, so here I have the command line. But if we look into Process Explorer, so you have Excel here, there is no cmd.exe process needed. So there is no child process. If we target here the window, you can see that it also belongs to Excel.exe. And if we look into the DLLs, there is no cmd.dll.

So this is the DLL that I created. I added one command and that command is called DLL. And with this command, you can load a DLL into the memory of a process, into the memory of Excel, and have it executed. So I have one here, message box, hello DLL. It's a DLL that just displays a message box, that's all. So you can do DLL, message box, hello DLL. And now it will be loaded into Excel's process memory, like this. So here we have the message box. We can check this with Process Explorer. It belongs to the Excel process. And now if we look here in the list, you can see here message box, hello.dll. So the DLL is loaded into the Excel process. And if I click OK, the DLL terminates and it unloads itself. That's how the command works.

But then with option /M, we are going to use not the LoadLibrary API function to load the DLL, but a custom function that loads the DLL into memory without using LoadLibrary. And the effect of that, so let's load it. It's exactly the same. So the DLL executes. But if you look into the DLL pane, you see that message box DLL now doesn't appear. OK, like this. So this is actually not new. It's something that I wrote several years ago.
What I did now is the following. I added option /A, help DLL. So now you have option /A. So instead of working with the file that is on disk, we will work with something that is purely in memory. And it works as such. So here I have a second command. And if we look into the code here, it's another DLL. The hex code is here. And when I execute this, when I click the button, the code is read from the VBA code, executed and written into the process memory. And then we receive the address where it was written. So 1f80000. So that's the hex address where the DLL was injected into the process. So not from disk, but from the macro. And now if I go to my command line, I can execute a command DLL /A and type the address 1f80000. And the DLL will execute. So now the DLL was not loaded from disk into memory, but from memory into memory.