Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

R

Perl

Scala

CSS

Kotlin

Dart

C

Swift

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Go

PowerShell

C

Ruby

Clojure

Nix

Shell

C#

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇵🇳 Pitcairn Islands

🇬🇬 Guernsey

🇬🇾 Guyana

🇨🇫 Central African Republic

🇦🇷 Argentina

🇹🇬 Togo

🇦🇿 Azerbaijan

🇰🇮 Kiribati

All Countries Compare Countries

SamuelTulach/LightHook

Stars
171
Rank 215,276 (Top 5 %)
Language
C
License
MIT License
Created over 1 year ago
Updated 3 months ago

SamuelTulach/LightHook

SamuelTulach

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Single-header, minimalistic, cross-platform hook library written in pure C

Single-header, minimalistic, cross-platform hook library written in pure C.

But... why?

While other well-written libraries that do exactly the same already exist, I wanted to have something simple that would not use an entire disassembler engine which can sometimes be painful to include in a project.

Pros of this library:

Written in pure C
No dependencies (no full disassembler engine)
Single header
Works in both kernelmode/usermode
Cross-platform (Windows/Linux/EFI)
Easily portable (3 functions to allocate/free/protect memory that are platform specific)

Cons of this library:

Breaks when a function starts with unsupported instructions (ex. AVX)

Showcase

Usage

Include the header file in your project. Initialise hook structure by calling CreateHook. Perform the actual hook by calling EnableHook and optionally revert the hook with a call to DisableHook.

HookInformation info = CreateHook((void*)&FunctionToHook, (void*)&FunctionToCall);
int status = EnableHook(&info);
if (!status)
    return;

// Call the original function with info.Trampoline
FunctionToHook(10, 20);

DisableHook(&info)

License

This repository is licensed under MIT if not stated otherwise in subfolders.

VirusTotalUploader

C# Open-Source Winforms application for uploading files to VirusTotal

mutante

Kernel-mode Windows HWID spoofer

efi-memory

PoC EFI runtime driver for memory r/w & kdmapper fork

rainbow

Hide SMBIOS/disk/NIC serials from EFI bootkit

negativespoofer

PoC HWID spoofer that runs in EFI

RwxMeme

State of the art DLL injector that took 20 minutes to make

nullmap

Using CVE-2023-21768 to manual map kernel mode driver

tpm-spoofer

Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads

meme-rw

Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode

SecureFakePkg

Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled (faking secure boot)

BetterTiming

PoC TSC offsetting in KVM

OverlayCord

Simple proof of concept showing how you can abuse Discord's in-game internal module to draw on top of the game (even if the game is in fullscreen) from an external application without modifying any Discord files or loading its modules.

voidmap

Using CVE-2021-40449 to manual map kernel mode driver

CanetisRadar

Open-source application for detecting sound direction using 7.1 audio device in games

windowhide

Hide external overlay by using SetWindowDisplayAffinity

PatchBoot

Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks

DirectPageManipulation

A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy

eac_cr3_shuffle

EfiDump

PoC EFI runtime driver for direct Windows interprocess memory copy

InjectMouseInputExample

C/C++ example of InjectMouseInput function

human-mouse

Adopted SRL-6 mouse movement to C++

memdrv

be_shellcode_dump

December 2023 BattlEye shellcode dump

GetDeviceInterfacesMemoryLeak

Small memory leak PoC that is happening in IopGetDeviceInterfaces

SaberHighlight

Beat Saber mod enabling NVIDIA Highlights functionality

vmcheck

SoundReplacer

BSIPA mod for replacing hit sounds, menu music, click sounds and much more!

ida-unity-pdb-downloader

Simple IDA Pro plugin to download Unity debug symbols from their symbol server

OcuFix

Simple mod to automatically disable ASW and change services/runtime priority

RecoilTime

A simple program made in C# for reducing recoil in games under Windows environment

EasyUefi

Visual Studio template for GNU-EFI

DiscordLeech

Read Discord user info from process memory

EvilKaspersky

esea-control

Simple program to temporarly disable ESEA anti-cheat

lrdp

EmuAuth

KeyAuth server emulator

memhv

Minimalistic hypervisor with memory introspection capabilities

ByeMouse

EasyDump

PowerControl

eft-profile-api

Reversing the newly added EFT feature that allows you to view other players' stats

obs-dda

virtmgr

OneplusDebloat

Remove crappy useless apps in Oxygen OS (both 3rd party and Google)

SamuelTulach

NekoSwap