• Stars
    star
    246
  • Rank 164,726 (Top 4 %)
  • Language
    C++
  • License
    MIT License
  • Created over 2 years ago
  • Updated 5 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Single-header, minimalistic, cross-platform hook library written in pure C

logo

Single-header, minimalistic, cross-platform hook library written in pure C.

But... why?

While other well-written libraries that do exactly the same already exist, I wanted to have something simple that would not use an entire disassembler engine which can sometimes be painful to include in a project.

Pros of this library:

  • Written in pure C
  • No dependencies (no full disassembler engine)
  • Single header
  • Works in both kernelmode/usermode
  • Cross-platform (Windows/Linux/EFI)
  • Easily portable (3 functions to allocate/free/protect memory that are platform specific)

Cons of this library:

  • Breaks when a function starts with unsupported instructions (ex. AVX)

Showcase

linux wink winu efi

Usage

Include the header file in your project. Initialise hook structure by calling CreateHook. Perform the actual hook by calling EnableHook and optionally revert the hook with a call to DisableHook.

HookInformation info = CreateHook((void*)&FunctionToHook, (void*)&FunctionToCall);
int status = EnableHook(&info);
if (!status)
    return;

// Call the original function with info.Trampoline
FunctionToHook(10, 20);

DisableHook(&info)

License

This repository is licensed under MIT if not stated otherwise in subfolders.

More Repositories

1

VirusTotalUploader

C# Open-Source Winforms application for uploading files to VirusTotal
C#
1,128
star
2

mutante

Kernel-mode Windows HWID spoofer
C++
524
star
3

efi-memory

PoC EFI runtime driver for memory r/w & kdmapper fork
C++
476
star
4

rainbow

Hide SMBIOS/disk/NIC serials from EFI bootkit
C
270
star
5

negativespoofer

PoC HWID spoofer that runs in EFI
C++
269
star
6

RwxMeme

State of the art DLL injector that took 20 minutes to make
C++
192
star
7

tpm-spoofer

Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads
C
179
star
8

nullmap

Using CVE-2023-21768 to manual map kernel mode driver
C
171
star
9

memhv

Minimalistic AMD-V/SVM hypervisor with memory introspection capabilities
C++
152
star
10

meme-rw

Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode
C++
146
star
11

OverlayCord

Simple proof of concept showing how you can abuse Discord's in-game internal module to draw on top of the game (even if the game is in fullscreen) from an external application without modifying any Discord files or loading its modules.
C++
139
star
12

SecureFakePkg

Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with secure boot enabled (faking secure boot)
C
125
star
13

BetterTiming

PoC TSC offsetting in KVM
122
star
14

PwnedBoot

Using Windows' own bootloader as a shim to bypass Secure Boot
C
103
star
15

voidmap

Using CVE-2021-40449 to manual map kernel mode driver
C
97
star
16

CanetisRadar

Open-source application for detecting sound direction using 7.1 audio device in games
C#
93
star
17

PatchBoot

Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks
87
star
18

windowhide

Hide external overlay by using SetWindowDisplayAffinity
C++
86
star
19

DirectPageManipulation

A basic demonstration of directly overwriting paging structures for physical memory r/w and interprocess memory copy
C++
75
star
20

ImGui-AppKit

Project template for single-window GUI apps using Dear ImGui
C++
44
star
21

eac_cr3_shuffle

C++
41
star
22

ida-unity-pdb-downloader

Simple IDA Pro plugin to download Unity debug symbols from their symbol server
C++
41
star
23

EfiDump

PoC EFI runtime driver for direct Windows interprocess memory copy
C
37
star
24

InjectMouseInputExample

C/C++ example of InjectMouseInput function
C++
30
star
25

MemoryGuard

Experiment with PAGE_GUARD protection to hide memory from other processes
C
29
star
26

human-mouse

Adopted SRL-6 mouse movement to C++
C++
29
star
27

memdrv

C++
26
star
28

GetDeviceInterfacesMemoryLeak

Small memory leak PoC that is happening in IopGetDeviceInterfaces
C++
24
star
29

SaberHighlight

Beat Saber mod enabling NVIDIA Highlights functionality
C#
24
star
30

be_shellcode_dump

December 2023 BattlEye shellcode dump
C
24
star
31

SoundReplacer

BSIPA mod for replacing hit sounds, menu music, click sounds and much more!
C#
19
star
32

EvilKaspersky

C++
19
star
33

vmcheck

C
18
star
34

OcuFix

Simple mod to automatically disable ASW and change services/runtime priority
C#
16
star
35

RecoilTime

A simple program made in C# for reducing recoil in games under Windows environment
C#
14
star
36

EasyUefi

Visual Studio template for GNU-EFI
C
14
star
37

eft-profile-api

Reversing the newly added EFT feature that allows you to view other players' stats
C#
13
star
38

EmuAuth

KeyAuth server emulator
C++
11
star
39

DiscordLeech

Read Discord user info from process memory
C#
10
star
40

esea-control

Simple program to temporarly disable ESEA anti-cheat
C#
9
star
41

lrdp

8
star
42

InactiveTitlebarPatch

Simple registry patch to turn inactive title bar color dark
8
star
43

ByeMouse

C#
5
star
44

obs-dda

C
3
star
45

EasyDump

C#
3
star
46

PowerControl

C#
3
star
47

MapPasswordTool

TM2020 tool to remove password lock for editing from maps
C#
2
star
48

virtmgr

C++
2
star
49

OneplusDebloat

Remove crappy useless apps in Oxygen OS (both 3rd party and Google)
Shell
2
star
50

NekoSwap

C++
1
star