- Notifications
You must be signed in to change notification settings - Fork26
Advanced x86/x86-64 hooking library (WIP).
License
zyantific/zyan-hook-engine
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Advanced x86/x86-64 hooking library for Windows
Everything in this repository is highly WiP and will probably not work as intended right now. Due to lack of time, development is currently on halt, but will hopefully resumed soon.
- Supports x86 and x86-64 (uses ourZydis diassembler library)
- Extremely safe and easy to use (read more)
- Thread-safe by design due to aTransactional API
- InbuildHook Barrier API to prevent unwanted hook recursion
- Complete doxygen documentation (master)
Patches the prologue of a function to redirect its codeflow and allocates a trampoline which can be used to continue execution of the original function.
- Windows kernel-mode support
- Multi-platform support (macOS, FreeBSD, Linux and UEFI)
- Software-Breakpoint (SWBP) Hook
- Writes an interrupt/privileged instruction at the begin of a target function and redirects codeflow by catching the resulting exceptions in an unhandled exception handler (Windows only).
- Hardware-Breakpoint (HWBP) Hook
- Hooks code using the CPU debug registers. Not a single byte of code is changed (Windows only).
- Import/Export Address Table Hook
- Hooks code by replacing import-address table (IAT) and export-address table (EAT) entries of COFF binaries at runtime (Windows only).
- Virtual-Method-Table Hook
- Hooks code by replacing virtual-method-table (VMT) entries of object instances at runtime.
Zyrex builds cleanly on most platforms without any external dependencies. You can use CMake to generate project files for your favorite C99 compiler.
git clone --recursive'https://github.com/zyantific/zyrex.git'cd zyrexmkdir build&&cd buildcmake ..make
Either use theVisual Studio 2017 project or build Zyrex usingCMake (video guide).
Versions follow thesemantic versioning scheme. All stability guarantees apply to the API only — ABI stability between patches cannot be assumed unless explicitly mentioned in the release notes.
masterholds the bleeding edge code of the next, unreleased Zyrex version. Elevated amounts of bugs and issues must be expected, API stability is not guaranteed outside of tagged commits.maintenance/v1contains the code of the latest stable v1 release.
Zyrex is licensed under the MIT License.