PSDetour
PSDetour-Hooks
PSDetour | PSDetour-Hooks | |
---|---|---|
1 | 1 | |
63 | 9 | |
- | - | |
6.3 | 6.4 | |
8 months ago | 8 months ago | |
C# | PowerShell | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PSDetour
-
Any sufficiently advanced uninstaller is indistinguishable from malware
You essentially replace a function with your own. The project is at https://github.com/microsoft/Detours.
I’ve created a PowerShell module that wraps this library to make it easier to hook functions on the fly for testing https://github.com/jborean93/PSDetour. For example I used it to capture TLS session data for decryption https://gist.github.com/jborean93/6c1f1b3130f2675f1618da5663... as well as create an strace like functionality for various Win32 APIs (still expanding as I find more use cases) https://github.com/jborean93/PSDetour-Hooks
PSDetour-Hooks
-
Any sufficiently advanced uninstaller is indistinguishable from malware
You essentially replace a function with your own. The project is at https://github.com/microsoft/Detours.
I’ve created a PowerShell module that wraps this library to make it easier to hook functions on the fly for testing https://github.com/jborean93/PSDetour. For example I used it to capture TLS session data for decryption https://gist.github.com/jborean93/6c1f1b3130f2675f1618da5663... as well as create an strace like functionality for various Win32 APIs (still expanding as I find more use cases) https://github.com/jborean93/PSDetour-Hooks
What are some alternatives?
PolyHook_2_0 - C++20, x86/x64 Hooking Libary v2.0
subhook - Simple hooking library for C/C++ (x86 only, 32/64-bit, no dependencies)