The reinvention of Windows API Hooking
- Free • Open Source
- .NET Framework
- Microsoft Visual Studio
What is EasyHook?
EasyHook makes it possible to extend (via hooking) unmanaged code APIs with pure managed functions, from within a fully managed environment on 32- or 64-bit Windows XP SP2, Windows Vista x64, Windows Server 2008 x64, Windows 7, Windows 8.1, and Windows 10.
EasyHook supports injecting assemblies built for .NET Framework 3.5 / 4.0+ as well as native DLLs.
A "Thread Deadlock Barrier" deals with many core problems when hooking unknown APIs; this technology is unique to EasyHook You can write managed hook handlers for unmanaged APIs You can use all the convenience managed code provides, like .NET Remoting, WPF and WCF .NET assemblies are injected into a new AppDomain where possible, ensuring that your assemblies are completely unloaded from the target when detached You can write injection libraries and host processes compiled for AnyCPU, which allows you to inject your assembly into both 32- and 64-bit processes from 64- and 32-bit processes. Your .NET assemblies do not need to be registered in the Global Assembly Cache (GAC) - greatly simplifying development and releases EasyHook supports RIP-relative address relocation for 64-bit targets. Support for hooking COM interfaces A documented, pure unmanaged hooking API No resource or memory leaks are left in the target EasyHook32.dll and EasyHook64.dll are native libraries that can be used without any .NET framework installed All hooks are installed and automatically removed in a stable manner Support for Thread ACLs to control which threads will use the hook Experimental stealth injection mechanism that won't raise attention of AV Software Managed/Unmanaged module stack trace inside a hook handler Get calling managed/unmanaged module inside a hook handler Create custom stack traces inside a hook handler No unpacking/installation necessary. The Visual Studio redistributables are not required. Support for 32- and 64-bit kernel mode hooking - however no support for bypassing PatchGuard is supplied
Recent user activities on EasyHook
- suggestion to remove Microsoft Research Detours as an alternative to EasyHook was deniedGu
- biorpg2 added Microsoft Research Detours as an alternative to EasyHookbi
- biorpg2 added EasyHookbi
Comments and Reviews Post a comment/review