Exetools - x86 Inline hooking engine (using trampolines)

Exetools (https://forum.exetools.com/index.php)

- Source Code (https://forum.exetools.com/forumdisplay.php?f=46)

- - x86 Inline hooking engine (using trampolines) (https://forum.exetools.com/showthread.php?t=16505)

sh3dow

02-03-2015 01:05

x86 Inline hooking engine (using trampolines)

BasicHook is x86 Inline hooking engine (using trampolines)
Hooks functions using 32-bit relative jump, writing is done atomically to avoid race conditions. Uses hde32 from instruction length disassembly.

PHP Code:


		
			
https://github.com/MalwareTech/BasicHook

atom0s

02-03-2015 03:32

Another similar project is MinHook:

Code:

https://github.com/TsudaKageyu/minhook

MinHook supports both x86 and x64. :)

stev	02-07-2015 16:10

Today��s post presents several ways of API hooking under the x86 instruction set.

Inline Hooking for Programmers
A lot of my articles have been aimed at giving a high-level insight into malware for beginners, or those unfamiliar with specific concepts. Today I've decided to start a new series designed to familiarize people with malware internals on a programming level.

omidgl

02-11-2015 05:10

An open source x86/x64 hooking engine:

Easyhook: http://easyhook.codeplex.com/

maktm

04-10-2015 20:49

Two other open-source projects you might want to look into are :

Deviare Hooking Engine

Info
http://blog.nektra.com/main/2015/04/07/deviare-hooking-engine-is-open-source-and-deviare-in-proc-supports-net-hooking/

Github
https://github.com/nektra/Deviare2

Blackbone

Info
https://github.com/DarthTon/Blackbone

Github
https://github.com/DarthTon/Blackbone/tree/master/src/BlackBone/LocalHook

All times are GMT +8. The time now is 05:06.