WopsS / RenHook

Licence: MIT license
An open-source x86 / x86-64 hooking library for Windows.

Projects that are alternatives of or similar to RenHook

Corehook
A library that simplifies intercepting application function calls using managed code and the .NET Core runtime
Stars: ✭ 191 (+138.75%)
Mutual labels:  x86-64, x86, hooking
Distormx
The ultimate hooking library
Stars: ✭ 146 (+82.5%)
Mutual labels:  x86-64, x86, hooking
alpine-php-fpm
Lightweight and optimised PHP-FPM (PHP 7.4, 8.0, 8.1) Docker images with essential extensions on top of latest Alpine Linux.
Stars: ✭ 53 (-33.75%)
Mutual labels:  x86-64, x86
asm2cfg
Python command-line tool and GDB extension to view and save x86, ARM and objdump assembly files as control-flow graph (CFG) pdf files
Stars: ✭ 42 (-47.5%)
Mutual labels:  x86-64, x86
kasm
Assembler library for Kotlin
Stars: ✭ 40 (-50%)
Mutual labels:  x86-64, x86
Funchook
Hook function calls by inserting jump instructions at runtime
Stars: ✭ 253 (+216.25%)
Mutual labels:  x86-64, hooking
DbgChild
Debug Child Process Tool (auto attach)
Stars: ✭ 221 (+176.25%)
Mutual labels:  x86, hooking
SDA
SDA is a rich cross-platform tool for reverse engineering that is focused firstly on the analysis of computer games. I'm trying to create a mix of Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (+22.5%)
Mutual labels:  x86-64, x86
Holodec
Decompiler for x86 and x86-64 ELF binaries
Stars: ✭ 195 (+143.75%)
Mutual labels:  x86-64, x86
Assembly-Syntax-Definition
This is the greatest syntax definition of All Time
Stars: ✭ 23 (-71.25%)
Mutual labels:  x86-64, x86
Capstone.NET
.NET Core and .NET Framework binding for the Capstone Disassembly Framework
Stars: ✭ 108 (+35%)
Mutual labels:  x86-64, x86
pinktrace
Pink's Tracing Library
Stars: ✭ 20 (-75%)
Mutual labels:  x86-64, x86
Asmjit
Machine code generation for C++
Stars: ✭ 2,874 (+3492.5%)
Mutual labels:  x86-64, x86
Bdvl
LD_PRELOAD Linux rootkit (x86 & ARM)
Stars: ✭ 232 (+190%)
Mutual labels:  x86-64, x86
oberon-07-compiler
Oberon-07 compiler for x64 (Windows, Linux), x86 (Windows, Linux, KolibriOS), MSP430x{1,2}xx, STM32 Cortex-M3
Stars: ✭ 45 (-43.75%)
Mutual labels:  x86-64, x86
Asm Cli
Interactive shell of assembly language (x86/x64) based on Unicorn and Keystone
Stars: ✭ 211 (+163.75%)
Mutual labels:  x86-64, x86
bmod
bmod parses binaries for modification/patching and disassembles machine code sections.
Stars: ✭ 12 (-85%)
Mutual labels:  x86-64, x86
Opcodes
Database of CPU Opcodes
Stars: ✭ 177 (+121.25%)
Mutual labels:  x86-64, x86
peekaboo
A standalone execution trace library built on DynamoRIO.
Stars: ✭ 17 (-78.75%)
Mutual labels:  x86-64, x86
profiler-api
The portable version of JetBrains profiler API for .NET Framework / .NET Core / .NET / .NET Standard / Mono
Stars: ✭ 21 (-73.75%)
Mutual labels:  x86-64, x86

RenHook

An open-source x86 / x86-64 hooking library for Windows.

Features

  • Supports x86 and x86-64 (uses Zydis as disassembler)
  • Completely written in C++11
  • Safe and easy to use
  • Hooking methods
    • Inline hook - Patches the prologue of a function to redirect its code flow, and allocates a trampoline that can be used to execute the original function.
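
What a patched prologue looks like from the detection side, as an added example (not part of RenHook or its README): it classifies the first bytes of a function as one of three common x86-64 redirect encodings and reports whether the destination leaves the owning module. The names `inspect_prologue`, `finding` and `redirect`, the addresses and the sample bytes are constructed for illustration; the encoding RenHook itself writes is not stated on this page.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>

enum class redirect { none, jmp_rel32, jmp_rip_indirect, mov_rax_jmp };

struct finding {
    redirect kind;      // redirect form found at the function start, if any
    bool     resolved;  // false when the destination is not in the captured bytes
    uint64_t target;    // destination address when resolved
    bool     outside;   // resolved target lies outside [base, base + size)
};

// code/len: bytes read from the start of a function; va: their address;
// base/size: bounds of the owning module. Assumes a little-endian host.
finding inspect_prologue(const uint8_t* code, size_t len, uint64_t va,
                         uint64_t base, uint64_t size)
{
    finding f{redirect::none, false, 0, false};
    int32_t d = 0;
    if (len >= 5 && code[0] == 0xE9) {                        // jmp rel32
        std::memcpy(&d, code + 1, 4);
        f = {redirect::jmp_rel32, true, va + 5 + static_cast<int64_t>(d), false};
    } else if (len >= 6 && code[0] == 0xFF && code[1] == 0x25) { // jmp [rip+disp32]
        std::memcpy(&d, code + 2, 4);
        f.kind = redirect::jmp_rip_indirect;
        // Follow the pointer only when its slot is inside the captured bytes
        // (hooks often place the 8-byte address right after the jump).
        if (d >= 0 && 6 + static_cast<uint64_t>(d) + 8 <= len) {
            std::memcpy(&f.target, code + 6 + d, 8);
            f.resolved = true;
        }
    } else if (len >= 12 && code[0] == 0x48 && code[1] == 0xB8 &&
               code[10] == 0xFF && code[11] == 0xE0) {        // mov rax, imm64; jmp rax
        std::memcpy(&f.target, code + 2, 8);
        f.kind = redirect::mov_rax_jmp;
        f.resolved = true;
    }
    f.outside = f.resolved && (f.target < base || f.target - base >= size);
    return f;
}

int main()
{
    // Constructed sample: jmp [rip+0] followed by a made-up absolute pointer.
    const uint8_t patched[] = {0xFF, 0x25, 0, 0, 0, 0, 0, 0, 0x34, 0x12, 0xFA, 0x7F, 0, 0};
    finding f = inspect_prologue(patched, sizeof patched, 0x140001000ULL, 0x140000000ULL, 0x100000);
    std::printf("target=%#llx outside=%d\n", (unsigned long long)f.target, f.outside);
    return f.outside ? 0 : 1;
}
```

A relative jump that stays inside the module also occurs in legitimate builds (incremental-linking thunks, for example), so the `outside` flag rather than the mere presence of a jump is the signal worth triaging.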

Quick examples

Hooking by address

#include <Windows.h>
#include <renhook/renhook.hpp>

void func_detour();

using func_t = void(*)();
renhook::inline_hook<func_t> func_hook(0x14000000, &func_detour);

void func_detour()
{
    OutputDebugStringA("Hello from the hook!\n");
    func_hook();
}

int APIENTRY wWinMain(_In_ HINSTANCE hInstance, _In_opt_ HINSTANCE hPrevInstance, _In_ LPWSTR lpCmdLine, _In_ int nCmdShow)
{
    func_hook.attach();
    func_hook();
    func_hook.detach();

    func_hook();
    return 0;
}

Hooking by pattern

#include <Windows.h>
#include <renhook/renhook.hpp>

void func_detour();

using func_t = void(*)();
renhook::inline_hook<func_t> func_hook({ 0x89, 0x79, 0xF8, 0xE8, 0xCC, 0xCC, 0xCC, 0xCC, 0x8B, 0x0D, 0xCC, 0xCC, 0xCC, 0xCC }, &func_detour, 0xCC, 3);

void func_detour()
{
    OutputDebugStringA("Hello from the hook!\n");
    func_hook();
}

int APIENTRY wWinMain(_In_ HINSTANCE hInstance, _In_opt_ HINSTANCE hPrevInstance, _In_ LPWSTR lpCmdLine, _In_ int nCmdShow)
{
    func_hook.attach();
    func_hook();
    func_hook.detach();

    func_hook();
    return 0;
}
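
How a wildcard byte signature like the one above is matched, and why it should be checked for uniqueness before anything is hooked through it, as an added example (not RenHook's implementation). It assumes the third constructor argument, 0xCC, is the wildcard byte, as the placeholder bytes after the E8 and 8B 0D opcodes suggest; `find_all`, `scan_sample` and the sample buffer are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Return every offset in data[0..size) where `pattern` matches.
// A pattern byte equal to `wildcard` matches any byte at that position.
std::vector<size_t> find_all(const uint8_t* data, size_t size,
                             const std::vector<uint8_t>& pattern, uint8_t wildcard)
{
    std::vector<size_t> hits;
    if (pattern.empty() || pattern.size() > size) return hits;
    for (size_t i = 0; i + pattern.size() <= size; ++i) {
        size_t j = 0;
        while (j < pattern.size() &&
               (pattern[j] == wildcard || pattern[j] == data[i + j]))
            ++j;
        if (j == pattern.size()) hits.push_back(i);
    }
    return hits;
}

// The byte pattern from the README example above.
static const std::vector<uint8_t> readme_pattern = {
    0x89, 0x79, 0xF8, 0xE8, 0xCC, 0xCC, 0xCC, 0xCC, 0x8B, 0x0D, 0xCC, 0xCC, 0xCC, 0xCC};

// Constructed sample: the same sequence with made-up operand bytes, surrounded
// by unrelated bytes and int3 padding. Not taken from any real binary.
static const uint8_t sample[] = {
    0x90, 0x90, 0x48, 0x83, 0xEC, 0x28,
    0x89, 0x79, 0xF8, 0xE8, 0x11, 0x22, 0x33, 0x44, 0x8B, 0x0D, 0xAA, 0xBB, 0xCC, 0xDD,
    0xC3, 0xCC, 0xCC};

std::vector<size_t> scan_sample(const std::vector<uint8_t>& pattern)
{
    return find_all(sample, sizeof sample, pattern, 0xCC);
}

int main()
{
    std::vector<size_t> hits = scan_sample(readme_pattern);
    // Only a pattern with exactly one match identifies a location unambiguously.
    std::printf("matches: %zu\n", hits.size());
    return hits.size() == 1 ? 0 : 1;
}
```

Because 0xCC is also the `int3` byte MSVC uses as padding between functions, a pattern cannot express a literal 0xCC while 0xCC is its wildcard, and short or wildcard-heavy patterns match far more than intended.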

Hooking a function from a module

#include <Windows.h>
#include <renhook/renhook.hpp>

int WINAPI msgbox_detour(HWND wnd, LPCWSTR text, LPCWSTR caption, UINT type);

using MessageBoxW_t = int(WINAPI*)(HWND, LPCWSTR, LPCWSTR, UINT);
renhook::inline_hook<MessageBoxW_t> msgbox_hook("user32", "MessageBoxW", &msgbox_detour);

int WINAPI msgbox_detour(HWND wnd, LPCWSTR text, LPCWSTR caption, UINT type)
{
    return msgbox_hook(wnd, L"Hello from the hook!", L"RenHook", MB_OK | MB_ICONINFORMATION);
}

int APIENTRY wWinMain(_In_ HINSTANCE hInstance, _In_opt_ HINSTANCE hPrevInstance, _In_ LPWSTR lpCmdLine, _In_ int nCmdShow)
{
    msgbox_hook.attach();
    MessageBoxW(nullptr, L"Hello", L"Message", MB_OK);
    msgbox_hook.detach();

    MessageBoxW(nullptr, L"Hello", L"Message", MB_OK);
    return 0;
}

Build instructions

Requirements

Windows

  1. Download and install Visual Studio 2019 Community Edition or a higher version.
  2. Download and install the Requirements.
  3. Clone this repository.
  4. Clone the dependencies (git submodule update --init --recursive).
  5. Create a directory named build and run CMake in it.
  6. Open the solution (RenHook.sln) located in build directory.
  7. Build the projects.