{"id":22169243,"url":"https://github.com/tinysec/iathook","last_synced_at":"2025-07-26T12:32:44.384Z","repository":{"id":54124013,"uuid":"71325488","full_name":"tinysec/iathook","owner":"tinysec","description":"windows kernelmode and usermode IAT hook","archived":false,"fork":false,"pushed_at":"2021-03-09T01:58:13.000Z","size":5,"stargazers_count":134,"open_issues_count":0,"forks_count":62,"subscribers_count":5,"default_branch":"master","last_synced_at":"2023-11-07T18:29:27.697Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tinysec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-10-19T06:23:22.000Z","updated_at":"2023-10-25T03:04:04.000Z","dependencies_parsed_at":"2022-08-13T07:01:02.743Z","dependency_job_id":null,"html_url":"https://github.com/tinysec/iathook","commit_stats":null,"previous_names":[],"tags_count":0,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinysec%2Fiathook","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinysec%2Fiathook/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinysec%2Fiathook/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinysec%2Fiathook/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tinysec","download_url":"https://codeload.github.com/tinysec/iathook/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227684641,"owners_count":17804054,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-02T06:30:01.071Z","updated_at":"2024-12-02T06:30:02.811Z","avatar_url":"https://github.com/tinysec.png","language":"C","readme":"# windows kernelmode and usermode IAT hook\n\n\nsample for windows usermode\n\n```c\n#include \u003cwindows.h\u003e\n\n\nLONG IATHook(\n\t__in_opt void* pImageBase ,\n\t__in_opt char* pszImportDllName ,\n\t__in char* pszRoutineName ,\n\t__in void* pFakeRoutine ,\n\t__out HANDLE* phHook\n);\n\nLONG UnIATHook( __in HANDLE hHook );\n\nvoid* GetIATHookOrign( __in HANDLE hHook );\n\ntypedef int (__stdcall *LPFN_MessageBoxA)( __in_opt HWND hWnd , __in_opt char* lpText , __in_opt char* lpCaption , __in UINT uType);\n\nHANDLE g_hHook_MessageBoxA = NULL;\n//////////////////////////////////////////////////////////////////////////\n\nint __stdcall Fake_MessageBoxA( __in_opt HWND hWnd , __in_opt char* lpText , __in_opt char* lpCaption , __in UINT uType)\n{\n\tLPFN_MessageBoxA fnOrigin = (LPFN_MessageBoxA)GetIATHookOrign(g_hHook_MessageBoxA);\n\n\treturn fnOrigin(hWnd , \"hook\" , lpCaption , uType);\n}\n\nint __cdecl wmain(int nArgc, WCHAR** Argv)\n{\n\tdo \n\t{\n\t\tUNREFERENCED_PARAMETER(nArgc);\n\t\tUNREFERENCED_PARAMETER(Argv);\n\n\t\tIATHook(\n\t\t\tGetModuleHandleW(NULL) ,\n\t\t\t\"user32.dll\" , \n\t\t\t\"MessageBoxA\" ,\n\t\t\tFake_MessageBoxA ,\n\t\t\t\u0026g_hHook_MessageBoxA\n\t\t);\n\t\t\n\t\tMessageBoxA(NULL , \"test\" , \"caption\" , 0);\n\n\t\tUnIATHook( g_hHook_MessageBoxA);\n\n\t\tMessageBoxA(NULL , \"test\" , \"caption\" , 0);\n\t\n\t} while (FALSE);\n\t\n\treturn 0;\n}\n\n```\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftinysec%2Fiathook","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftinysec%2Fiathook","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftinysec%2Fiathook/lists"}