EATing and Injex

So, turns out GetProcAddress() gets the procedure address from the export table of the specified module. The GetProcAddress function is sometimes used as a way to bypass or check for Import Address Table hooking. These hooks shouldn't be so easily detectable. So I will be adding Export Address Table hooking to Injex as well. And for those interested in seeing how to walk a EAT and IAT in a PE/PE+:  http://www.rohitab.com/discuss/topic/37871-pe-format-iat-questions/