PolyHook_2_0
PSDetour
PolyHook_2_0 | PSDetour | |
---|---|---|
2 | 1 | |
1,495 | 63 | |
- | - | |
6.2 | 6.3 | |
7 days ago | 8 months ago | |
C++ | C# | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PolyHook_2_0
-
Any sufficiently advanced uninstaller is indistinguishable from malware
And my more sophisticated library, https://github.com/stevemk14ebr/PolyHook_2_0
- Relive internal browser features
PSDetour
-
Any sufficiently advanced uninstaller is indistinguishable from malware
You essentially replace a function with your own. The project is at https://github.com/microsoft/Detours.
I’ve created a PowerShell module that wraps this library to make it easier to hook functions on the fly for testing https://github.com/jborean93/PSDetour. For example I used it to capture TLS session data for decryption https://gist.github.com/jborean93/6c1f1b3130f2675f1618da5663... as well as create an strace like functionality for various Win32 APIs (still expanding as I find more use cases) https://github.com/jborean93/PSDetour-Hooks
What are some alternatives?
subhook - Simple hooking library for C/C++ (x86 only, 32/64-bit, no dependencies)
PSDetour-Hooks - Auditing Hooks for https://github.com/jborean93/PSDetour
Squirrel - An installation and update framework for Windows desktop apps
Microsoft Research Detours Package - Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.