Apps tagged with 'api-hooking'

PE-sieve scans a given process, searching for the modules containing in-memory code modifications. When found, it dumps the modified PE. Detects inline hooks, hollowed processes, Process Doppelgänging etc. Can be used for unpacking malware.

Deviare In-Process is a code interception engine for Microsoft Windows®. It is a dual license library, GPLv3 and Commercial. The source code is available at GitHub.

Deviare is a powerful Code Interception Library, with a very simple interface that lets you hook many processes on your own application without any IPC coding. It can be used in any COM supporting languages as C++, VB and .NET.

Microsoft Research Detours v3 Professional is a library for instrumenting arbitrary Win32 functions on x86, x64, and IA64 machines. Now you can intercept Win32 functions by re-writing the in-memory code for target functions.

If you dabble in this area then you’ll already know that Microsoft Research's Detours pretty much sets the benchmark when it comes to API hooking. Why don't we get a comparison out of the way quickly then?

EasyHook makes it possible to extend (via hooking) unmanaged code APIs with pure managed functions, from within a fully managed environment on 32- or 64-bit Windows XP SP2, Windows Vista x64, Windows Server 2008 x64, Windows 7, Windows 8.1, and Windows 10.

Demo application demonstrating how to inject code into another processes address space, and then execute it in the context of this process.

"madCodeHook" offers everything you need to hook code (mostly APIs). Supports Delphi 4-7, Delphi 2005-10.1 Berlin (32bit and 64bit), Borland C++ Builder 5-6, Borland C++ Builder 2006-10.1 Berlin (32bit only for now), MSVC++ (32bit and 64bit).

HookBytes is a powerful, self-hosted webhook management platform that serves as an open-source alternative to Hookdeck. Built with Laravel, it provides enterprise-grade webhook processing, monitoring, and debugging capabilities without vendor lock-in.