Detours is a library for instrumenting arbitrary Win32 functions Windows-compati... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

coldtea on Sept 13, 2023 | parent | context | favorite | on: Any sufficiently advanced uninstaller is indisting...

Detours is a library for instrumenting arbitrary Win32 functions Windows-compatible processors. Detours intercepts Win32 functions by re-writing the in-memory code for target functions. The Detours package also contains utilities to attach arbitrary DLLs and data segments (called payloads) to any Win32 binary.

Detours preserves the un-instrumented target function (callable through a trampoline) as a subroutine for use by the instrumentation. Our trampoline design enables a large class of innovative extensions to existing binary software.

https://www.microsoft.com/en-us/research/project/detours/

jaclaz on Sept 13, 2023 | [–]

Only for the record, there is also easyhook:

https://easyhook.github.io/

https://easyhook.github.io/#features

https://github.com/EasyHook/EasyHook

stevemk14ebr on Sept 15, 2023 | | [–]

And my more sophisticated library, https://github.com/stevemk14ebr/PolyHook_2_0

IshKebab on Sept 13, 2023 | [–]

Interesting. Has anyone done the same thing on Linux?

alaxapta7 on Sept 13, 2023 | [–]

I use and recommend subhook[0].

[0] https://github.com/Zeex/subhook

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact