Using LD_PRELOAD to cheat, inject features and investigate programs

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
hardware-buttons linkedin-bot template-engine-js

Stream - Scalable APIs for Chat, Feeds, Moderation, & Video.
Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.
getstream.io
featured
InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com
featured

  1. frida

    Clone this repo to build Frida

    A great framework for doing something along those lines is Frida (https://github.com/frida/frida). Works on a bunch of stuff, including Android and iOS. Some global-ish certificate pinning bypasses work through Frida, by patching http libraries to not raise exceptions, accept system certificates, etc and just quietly hum along instead. Certificate unpinning in turn enables network MITM with mitmproxy, which makes it a lot quicker and easier to inspect, block, or modify network traffic.

    Funnily enough, I've seen much stronger obfuscation from reverse engineering from my cheap Tuya IoT devices app than from my bank app.

  2. Stream

    Stream - Scalable APIs for Chat, Feeds, Moderation, & Video. Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.

    Stream logo

  3. proxychains

    proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.

    Fun fact: proxychains uses LD_PRELOAD [0] to hook the necessary syscalls [1] for setting up a "proxy environment" for the wrapped program, e.g. `connect`, `gethostbyname`, `gethostbyaddr`, etc. Note this also implies that it could be leaky in some cases when applied to a program that uses alternative syscalls to make an external connection.

    [0] https://github.com/haad/proxychains/blob/master/src/proxycha...

    [1] https://github.com/haad/proxychains/blob/master/src/libproxy...

  4. tup

    Tup is a file-based build system.

  5. ClickHouse

    ClickHouse® is a real-time analytics database management system

  6. QuAPI

    Library and tool to add assumption-support to generic SAT or QBF solver binaries using automated fork()ing and LD_PRELOAD (by maximaximal)

  7. ld_preload-sounds

    Generates raw WAV output by hooking malloc() and read().

    one of my favorite hacks, which started as a joke, is using LD PRELOAD to generate audio from memory allocation and read calls.

    https://github.com/gordol/ld_preload-sounds

    this started out as like 10-20 lines of terrible code originally, and a few people sent merge requests to improve it

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Strategies for Fast Lexers

    5 projects | news.ycombinator.com | 14 Jul 2025

  • 🧠 From Hive and Elastic to ClickHouse: What Surprised Me

    1 project | dev.to | 8 Jul 2025

  • Counting at Scale

    1 project | news.ycombinator.com | 3 Jul 2025

  • supabase VS Manifest - a user suggested alternative

    2 projects | 1 Jul 2025

  • Show HN: Hacker News historic upvote and score data

    2 projects | news.ycombinator.com | 3 Jun 2025
Loading...