/hooking

Resources About Hooking. For All Platforms. Currently 300+ Tools And 600+ Posts.

Hook

Table of Contents

Top-Starred Tools


Dobby

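Tools

  • [1688 stars][28d] [C++] jmpews/dobby A lightweight, multi-platform, multi-architecture hook framework (formerly HookZz)
  • [316 stars][4m] [ObjC] jmpews/hookzzmodules modules deps on HookZz framework.
  • [67 stars][30d] [C] luoyanbei/testhookzz iOS reverse engineering: using the HookZz framework to hook the game "我的战争" and enter god mode

Posts


plthook

Tools

  • [283 stars][28d] [C] kubo/plthook Function hooking implemented by modifying the PLT of ELF files and the IAT of PE files

subhook

Tools

  • [385 stars][1m] [C] zeex/subhook A simple cross-platform hook framework for C/C++; supports x86 only. No dependencies

whale

Tools

  • [917 stars][26d] [C++] aslody/whale Hook Framework for Android/IOS/Linux/MacOS

Posts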

D3DX-Hook


Tools


Posts

Frida-Hook


Tools


Posts

Windows


monohook

Tools


hyperbone

Tools


ddimon

Tools

  • [512 stars][2y] [C++] tandasat/ddimon A hypervisor that performs inline hooking using Extended Page Tables (EPT), invisible to the guest (i.e. any code other than DdiMon)

mhook

Tools

Posts


polyhook

Tools


infinityhook

Tools

  • [1079 stars][4m] [C++] everdox/infinityhook Hook system calls, context switches, page faults and more.

minhook

Tools

Posts


easyhook

Tools

Posts


.NET

Tools

  • [117 stars][2y] [C#] tandasat/dotnethooking Sample use cases of the .NET native code hooking technique
  • [60 stars][2y] [C#] wledfor2/playhooky C# Runtime Hooking Library for .NET/Mono/Unity.
  • [34 stars][4m] [C#] dangbee/dotnethook A hook proof of concept with no native dependencies. Hook both .NET methods (even framework methods) and Native methods entirely in .NET.
  • [31 stars][1y] [C#] thaisenpm/loader2 Nova Hook is an open source C# cheat loader currently built for CS:GO
  • [16 stars][6m] [C#] lontivero/open.winkeyboardhook A simple and easy-to-use .NET managed wrapper for Low Level Keyboard hooking.
  • [15 stars][2m] [Visual Basic .NET] thaisenpm/loader1 Nova Hook is an open source VB.NET cheat loader currently built for CS:GO
  • [11 stars][6m] [C#] 20chan/globalhook Simple global keyboard, mouse hook and simulation library written in C#
  • [None stars][C#] elliesaur/dotnethook A hook proof of concept with no native dependencies. Hook both .NET methods (even framework methods) and Native methods entirely in .NET.

SSDT

Tools

Posts


Tools

  • [1866 stars][27d] [Py] boppreh/keyboard Hook and simulate global keyboard events on Windows and Linux
  • [787 stars][4m] [C++] ysc3839/fontmod A simple hook tool for changing the fonts of Win32 programs. Works with some GDI- or Qt-based programs
  • [546 stars][5m] [C#] crosire/scripthookvdotnet An ASI plugin for Grand Theft Auto V, which allows running scripts written in any .NET language in-game.
  • [310 stars][29d] [C] gbps/gbhv Simple x86-64 VT-x Hypervisor with EPT Hooking
  • [193 stars][26d] [C#] justcoding121/windows-user-action-hook A .NET library to subscribe for Windows operating system global user actions such as mouse, keyboard, clipboard & print events
  • [92 stars][3y] [C++] shmuelyr/captainhook CaptainHook is perfect x86/x64 hook environment
  • [88 stars][2m] [C] tinysec/iathook Windows kernel-mode and user-mode IAT hook
  • [79 stars][3y] [C] stevemk14ebr/unihook Intercept arbitrary functions at run-time, without knowing their typedefs
  • [76 stars][24d] [C] danielkrupinski/vac-hooks Hook WinAPI functions used by Valve Anti-Cheat. Log calls and intercept arguments & return values. DLL written in C.
  • [45 stars][10m] [C#] userr00t/universalunityhooks A framework designed to hook into and modify methods in unity games via dlls
  • [44 stars][7m] [C++] wopss/renhook An open-source x86 / x86-64 hooking library for Windows.
  • [42 stars][1m] [Rust] verideth/dll_hook-rs Rust code to show how hooking in rust with a dll works.
  • [40 stars][1m] [C++] prekageo/winhook
  • [38 stars][1m] [C++] rolfrolles/wbdeshook DLL-injection based solution to Brecht Wyseur's wbDES challenge (based on SysK's Phrack article)
  • [38 stars][1m] [Assembly] muffins/rookit_playground Educational repository for learning about rootkits and Windows Kernel Hooks.
  • [35 stars][2m] [C++] codereversing/wow64syscall WoW64 Syscall Hooking
  • [34 stars][3y] [C++] menooker/fishhook An inline hook platform for Windows x86/x64
  • [34 stars][30d] [Py] byzero512/winpwn for CTF windows pwn and IAT/EAT hook
  • [32 stars][2m] [C++] netdex/twinject Automated player and hooking framework for bullet hell games from the Touhou Project
  • [30 stars][2m] [C] deroko/activationcontexthook Hooks a process to force it to load a redirected DLL
  • [29 stars][4m] [C++] m-r-j-o-h-n/swh-injector An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.
  • [27 stars][6m] [HTML] flyrabbit/winproject Hook, DLLInject, PE_Tool
  • [27 stars][3m] [C] tinysec/runwithdll windows create process with a dll load first time via LdrHook
  • [24 stars][3m] [C] david-reguera-garcia-dreg/phook Full DLL Hooking, phrack 65
  • [24 stars][5m] [C] maikel233/x-hook-for-csgo Aimtux for Windows.
  • [22 stars][1m] [Go] castaneai/hinako x86 WinAPI hook written in pure Go
  • [22 stars][29d] [C++] xbased/xhook Hook Windows API. supports Win7/8/10 x86 and x64 platform.
  • [21 stars][2m] [C] adrianyy/kernelhook Windows inline hooking tool.
  • [21 stars][5m] [C] xiaofen9/ssdthook An SSDT hook for Windows
  • [19 stars][5m] [Java] col-e/simplified-jna Multi-threaded JNA hooks and simplified library access to window/key/mouse functions.
  • [18 stars][11m] [Assembly] egebalci/hook_api Assembly block for hooking windows API functions.
  • [16 stars][5m] [C] sin5678/hidedir Uses an SSDT hook to hide specified files or folders on Windows
  • [14 stars][3m] [C++] hmihaidavid/hooks A DLL that performs IAT hooking
  • [13 stars][4y] [C++] jonasblunck/dp Win32 API and COM hooking/tracing.
  • [13 stars][7m] [C#] kanegovaert/unknown-logger An advanced Windows Keylogger with features like (Disable CMD, Screenshotter, Client Stub Builder, Low Level Keyhooks, Hide Application, Respawner, Delete Chrome and Firefox data, and more!)
  • [12 stars][8m] [C++] sin5678/wow64hook wow64 syscall filter
  • [11 stars][6m] [Py] debasishm89/qhook qHooK is a very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process, monitors them while the process is running and at last prepares a CSV report with various interesting information which can help a reverse engineer to track down / analyse unknown exploit samples / shellcode.
  • [11 stars][1y] [C++] therena/findthestupidwindow Windows API hooking project to log all the windows / UIs with the exact timestamp when they are opened.
  • [11 stars][6y] weixu8/registrymonitor Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow the creation of the key. More of an experiment into Kernel level SSDT hooks but a fun project nonetheless
  • [10 stars][7y] [Py] nitram2342/spooky-hook WinAppDbg helper script to catch API calls
  • [9 stars][6m] [C++] windy32/win32-console-hook-lib A light-weight console hook library for convenient console interactions
  • [8 stars][6m] [C++] mgostih/snifferih DLL Hooking Packet Sniffer
  • [8 stars][27d] [C++] ivan-sincek/keylogger Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).
  • [7 stars][2y] [Go] nanitefactory/hookwin10calc Reverse engineered Windows 10 Calculator.exe (UWP application) hacker. A Windows Calculator patch that has learned Hangul and Chinese characters.
  • [5 stars][2y] [C++] wanttobeno/window_keyandmousehook Window Key And Mouse Hook
  • [4 stars][10m] [C++] aschrein/apiparse Small project to learn windows dll hooking techniques based on sources of renderdoc and apitrace
  • [4 stars][2y] [C#] trojaner/rocketplus Adding extra functionality to RocketMod API by using method hooking [Windows x64 only]. Also provides an API for .NET Method detouring
  • [0 stars][2y] [C] vallejocc/poc-find-chrome-ktlsprotocolmethod Proof of Concept code to download chrome.dll symbols from chromium symbols store and find the bssl::kTLSProtocolMethod table of pointers (usually hooked by malware)

Posts

Linux


Tools

  • [140 stars][7m] [C] davidbuchanan314/tardis Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.
  • [134 stars][1m] [C] poliva/ldpreloadhook a quick open/close/ioctl/read/write/free function hooker
  • [94 stars][30d] [C] milabs/khook Linux Kernel hooking engine (x86)
  • [68 stars][1m] [C] ilammy/ftrace-hook Using ftrace for function hooking in Linux kernel
  • [45 stars][2m] [C] jmpews/evilelf Malicious use of ELF such as .so inject, func hook and so on.
  • [35 stars][3y] [C] jordan9001/superhide Example of hooking a linux systemcall
  • [8 stars][2m] [C] rafael-santiago/kook A syscall hooking system for FreeBSD, NetBSD and also Linux.
  • [6 stars][2y] [C] sizet/lkm_parse_dns_packet Linux kernel module that uses a netfilter IPv4 hook to monitor and parse DNS request and response packets.
  • [5 stars][3m] [C] deb0ch/toorkit A simple useless rootkit for the linux kernel. It is a kernel module which hooks up the open() syscall (or potentially any syscall) to replace it with a custom function.

Posts

Apple


inspectivec

Tools


captainhook

Tools

  • [577 stars][1y] [ObjC] rpetrich/captainhook Common hooking/monkey patching headers for Objective-C on Mac OS X and iPhone OS. MIT licensed

blockhook

Tools


Tools

  • [2032 stars][3y] [Swift] urinx/iosapphook Focused on iOS app reverse engineering in non-jailbroken environments, from dylib injection and app re-signing to App Hook
  • [1122 stars][2y] [ObjC] yulingtianxia/fishchat Hook WeChat.app on non-jailbroken devices.
  • [129 stars][6m] [C] rodionovd/rd_route Function hooking for macOS
  • [123 stars][4m] [ObjC] smilezxlee/zxhookdetection [iOS app security] Basic protection against and detection of hooking and jailbreaking (dynamic library injection detection, hook detection and protection, jailbreak detection, signature verification, example of analysing an encrypted protocol via IDA decompilation)
  • [68 stars][3y] [ObjC] alayshchen/xcodeappplugintemplate App Plugin Project Template For iOS App And Mac App. Make it easy to hook app.
  • [66 stars][5m] [ObjC] yulingtianxia/blocktracker Tracking block args of Objective-C method based on BlockHook
  • [54 stars][1m] [Perl] theos/logos Preprocessor that simplifies Objective-C hooking.
  • [53 stars][4m] [ObjC] smilezxlee/zxhookutil [iOS reverse engineering] A collection of Tweak utility functions, based on theos and monkeyDev

Posts

Android


Hook Locations

ART

arthook

Tools
Posts

fasthook

Tools

edxposed

Tools
  • [2236 stars][4m] [Java] elderdrivers/edxposed A Riru module that tries to provide an ART hooking framework (initially for Android Pie), offering APIs consistent with the OG Xposed and using the YAHFA (or SandHook) hooking framework; supports Android 8.0 ~ 10.

yahfa

Tools
  • [764 stars][25d] [Java] pagalaxylab/yahfa Yet Another Hook Framework for ART
  • [128 stars][2y] [Java] bmax121/budhook An Android hook framework written like Xposed, based on YAHFA.
Posts

Substrate

hooker

Tools
  • [372 stars][29d] [Py] androidhooker/hooker Dynamic analysis of Android applications. Automatically intercepts and modifies any API call made by the target application (using Substrate)

virtualhook

Tools

Posts


sandhook

Tools

  • [708 stars][4m] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat

legend

Tools

  • [1463 stars][1m] [Java] aslody/legend (Android) A framework for hooking Java methods without root; supports Dalvik and ART environments

xhook

Tools

  • [1741 stars][25d] [C] iqiyi/xhook a PLT (Procedure Linkage Table) hook library for Android native ELF

androideagleeye

Tools

  • [429 stars][4y] [Makefile] mindmac/androideagleeye An Xposed- and adbi-based module that can hook both Java and native methods of the Android operating system

Tools


Posts

Newly Added


Inline-Hook

Tools

Posts


Syscall-Hook

Tools

  • [18 stars][1y] [C] plexsolutions/readhook Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

Posts


API-Hook

Tools

  • [509 stars][1m] [C++] 0x09al/rdpthief Extracting Clear Text Passwords from mstsc.exe using API Hooking.
  • [315 stars][4m] [C] outflanknl/dumpert LSASS memory dumper using direct system calls and API unhooking.
  • [304 stars][2y] [C] nektra/deviare2 Deviare API Hook
  • [136 stars][4m] [C] hoshimin/hooklib The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support
  • [54 stars][5m] [C] passingtheknowledge/ganxo An opensource API hooking framework
  • [40 stars][3y] [C++] tanninone/usvfs library using api hooking to implement process-local filesystem-independent file links.
  • [35 stars][4m] [C++] xrivendell/pcsgolh PCSGOLH - Pointless Counter-Strike: Global Offensive Lua Hooks. An open-source Lua API for CS:GO hacking written in modern C++
  • [28 stars][6m] [JS] shanselman/daskeyboard-q-nightscout Hooking up the DasKeyboard Q REST API to change the key colors in response to diabetic's glucose from NightScout
  • [11 stars][2m] [Pascal] oranke/proxy-dll-generator PROXY DLL Generator / for very simple API Hooking.
  • [9 stars][4y] [C++] jonasblunck/dynhook Example library for how to dynamically/statically hook/intercept unmanaged functions and APIs
  • [9 stars][3m] [C++] hidd3ncod3s/runpedmp RunPE dump - I wrote this to have better control over the analysis of malware. I can stop and analyse malware when it uses some of the APIs I hook and dump the memory while it is using RunPE/PH techniques.
  • [8 stars][4m] [C++] nybble04/shady-hook Hooking API calls of a Ransomware
  • [4 stars][2y] [C++] a7031x/hookapi Handy way to hook x86 or x64 API
  • [4 stars][29d] [C] microwave89/ntapihook Attempt to Create a Simple and Light-weight Hook Engine Without Use of an LDE
  • [None stars][C++] vovkos/protolesshooks API monitoring via return-hijacking thunks; works without information about target function prototypes.

Posts


Un-Hook

Tools

Posts


Tools


Posts

Contributing

The content is automatically exported by the system; please open an issue if you find any problems.