Hi sec_ware,

You're right, the 2nd method is suspending the thread and changing the EIP to the get code written to memory executed.
I don't think writing a tutorial will be useful since on codeguru.com there already is a nice tutorial about 3 different ways to inject dll's and they use C/C++ code to explain. For most people that would be much better then my tutorial in assembly

@xiphias360, you know, I don't need to persuade anyone to use this program instead of any other.
I wrote it myself since the CreateRemoteThread method is the easiest one but also the easiest to detect. So I wanted a program which could load any dll in an undetected way.
The main reason I used both methods is that suspending the thread might cause a delay before the dll is executed, If the thread itself isn't active at the time of injecting then you'll have to wait until its active again.
Sometimes this might not be a result you want to have, hence the 2nd method.
There's of course a 3rd method as well, by using a hook, but I didn't see any advantages by using that method that the other 2 methods don't already have.

To make a long story short, I decided to write this program since I feel it can be of use to me. The fact that I'm sharing it is merely so that others don't need to reinvent the wheel. It's up to them to make the choice which one to use, I'm not selling it so I don't have any advantages if someone uses this or another program.
The reason I've distributed it packed and without source is simple, I've seen several programs over the years of which I'm sure that they contain parts of my code while the author claims it's his code. That's the risk of sharing sources but by providing the source on request I hope to prevent these actions since I can control who has the source.

The only disadvantage of this approach is that the original program is ~10kb in size while the packed version is much bigger