
PolyHook – x86/x64 Hooking Library - ingve
https://github.com/stevemk14ebr/PolyHook
======
danra
A cool addition would be to augment the IAT hook with an option to hook
LoadLibrary and GetProcAddress, so that functions imported from delay-loaded
DLLs are also hooked correctly, and so that the IATs of delay-loaded or
otherwise dynamically-loaded DLLs would also be hooked.

~~~
corsix
Or patch the export table of the exporting DLL in addition to the import table
of every current importing DLL (as future importing DLLs will look in the
export table).

------
stevemk14ebr
Also I wrote an article on how it all works on codeproject:
[http://www.codeproject.com/Articles/1100579/PolyHook-The-
Cpl...](http://www.codeproject.com/Articles/1100579/PolyHook-The-Cplusplus-x-
x-Hooking-Library)

------
jbaviat
Quite unusual to see so low level code in C++11 - what about some Ruby ;) ?

[https://github.com/jjyg/metasm/blob/master/samples/pe-
hook.r...](https://github.com/jjyg/metasm/blob/master/samples/pe-hook.rb)

------
stevemk14ebr
hey guys i'm the creator thanks for the views! I plan on adding Export address
table stuff soon, making it cross platform, and i will look into improving IAT
hooks! Anything else i should look into?

------
speps
This is awesome, was looking at something like this some time ago for graphics
API hooking. All other options I found were commercial, non OSS or just a
random article on CodeProject.

------
beagle3
FYI: Windows only

