0ffffffffh/Api-Break-for-x64dbg 0ffffffffh/Api-Break-for-x64dbg

  • Stars
    star
    161
  • Rank 227,882 (Top 5 %)
  • Language
    C
  • Created over 7 years ago
  • Updated over 6 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
0ffffffffh/Api-Break-for-x64dbg
github

0ffffffffh

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

x64dbg plugin to set breakpoints automatically to Win32/64 APIs

Api Break for x64dbg

Api Break is a x64dbg plugin which is aimed to set breakpoints Win32/64 API calls easly.

ab1

ab2

####Features

  • API function entry breakpoint (AEB)
  • Breakpoint at API callers (BAC)
  • Auto-populating modules and their API functions used by the process.

API Function Entry Breakpoint (AEB)

It can be useful when the code does obfuscated or indirect api calls or something similar conditions. This mode is automatically (naturally) handles all API calls for the entire module. Also, this mode gives an option to jump automatically to the API caller when the API entry breakpoint hit. It exposes the original caller using single step callstack backtracing.

Breakpoint at API callers (BAC)

In technically, this mode is much more flexible and customizable. It does scan dynamically for API calls in specified module or address range. For now, it scans only process's code range. But other features are planned for future development.

If you have any idea, let me know what ideas you have about it.

#####In-Development features

  • Dynamically loaded API detection which is made by using GetProcAddress (About 45% implemented)

#####Planning features

  • User specified code range scan for BAC
  • User specified module scan for BAC
  • User option to listing all linked modules and APIs of process regardless of IAT.

More Repositories

1

dragondance

Binary code coverage visualizer plugin for Ghidra
Java
277
star
2

system_call_hook_win10_1903

This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness
C
49
star
3

yummyPaste

paste string formatted byte data block into x64dbg easy.
C
37
star
4

sozluk-cgi-revival

bringing back the ancient sozluk to the life again.
C#
23
star
5

CSEH

Structured Exception Handler for C
C
14
star
6

Win32ApiHook

Simple api hook system for Windows. It was coded for my article.
C++
9
star
7

ffmpegShellExtension

ffmpeg shell extension for Windows Explorer.
C++
8
star
8

SharpAsm

assembly code execution from managed c#
C#
7
star
9

vfd

virtual disk device (under development)
C
4
star
10

yald

yet another logcat dumper
C#
4
star
11

fastMagnet

Magnet link handler for fast torrent content loading.
C#
2
star
12

Code-Files

Little Tools, Patches etc.
C
2
star
13

jyald

Java implementation of the yald project
Java
2
star