Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/alphaSeclab/hooking

Resources About Hooking. For All Platforms. Currently 300+ Tools And 600+ Posts.
https://github.com/alphaSeclab/hooking

android-hooking api-hooking art-hooking d3dx-hooking frida-hooking hooking inline-hooking linux-hooking syscall-hooking windows-hooking

Last synced: 21 days ago
JSON representation

Resources About Hooking. For All Platforms. Currently 300+ Tools And 600+ Posts.

Awesome Lists containing this project

README

        

# [所有收集类项目](https://github.com/alphaSeclab/all-my-collection-repos)

# Hook

- 跟Hooking相关资源。300+工具和600+文章
- [English Version](https://github.com/alphaSeclab/hooking/blob/master/Readme_en.md)

# 目录
- [高星工具](#cd57259c3562b0afd9a1c3026a7ecd7e)
- [Dobby](#9bf725c62803a4877a95f525e70ce5e3) -> [(3)工具](#e390d017c1017bd46d5b8f507f4fd3d4) [(1)文章](#a6d72ef4ede162a0e30a685e175f2826)
- [plthook](#15cdec8cb002f8ac99ef3dcc1905c31b) -> [(1)工具](#f89154bf4fc7bf4ac333dee2e5607daf)
- [subhook](#86a3d67feb05552e77c8b774dc57de62) -> [(1)工具](#c7bfc210dbe57d25b9baf46192752a01)
- [whale](#675d005d1740764eecb241c8a2515d09) -> [(1)工具](#3a82377770a448ca429284ae19705f26) [(1)文章](#629a4ee63f97fce67c975b8233abe80e)
- [D3DX-Hook](#b96702df6276c1710be6ac1c80470e65) -> [(8)工具](#48300d28294339433ac82b8bf4d4e92d) [(6)文章](#8021f4f590783d775f8f069b3ec008cd)
- [Frida-Hook](#2f3945b6dcf2f680ab3dd411f7cf55db) -> [(1)工具](#cb77f15c966122a0eb36fe507c30aaad) [(15)文章](#0709e7fb4ad72abead5a52b39b8f6a71)
- [Windows](#c48a16a5b0823472a010871aaf137a85)
- [monohook](#dcb071991b85cc82193025c458a2288b) -> [(1)工具](#0817c7b6f8e2736c66ac897160dc5261)
- [hyperbone](#cf76cb74fff06bbd90a29192699e20f0) -> [(1)工具](#cf17acbb8d83d3aeab4fed2cf014b472)
- [ddimon](#b2f70259224bfcff828ac54f3793a0a8) -> [(1)工具](#de81c2eee0069fbb8fe9f5f7a3ce0c27)
- [mhook](#8cebc34acc094d48b061564dfbe4328c) -> [(1)工具](#11194fc0dfeb5506639f48de0126e5d0) [(2)文章](#36cb78dc5ece1c2e8a2bba7a2b0a1bd1)
- [polyhook](#abbb4e134c358ca2fcdd4e524cd44f02) -> [(2)工具](#eaca31f967862193af27a292a1959525)
- [infinityhook](#890e3a0a7affe48952ead1c5f9490230) -> [(1)工具](#1844eec4bf3a1b4a68744703c1c202bd)
- [minhook](#b0d377398f50d8f7f9dc60743cfa13aa) -> [(2)工具](#4c9a8a35ade52fd64f16972e8a68e7a1) [(3)文章](#ea2742d39ff1bed30b7ce35ad808092f)
- [easyhook](#bc0813625ad5afdae8b42a1bd9a1c2b4) -> [(3)工具](#26f3fd90e7a78bbaf089137ef7901377) [(2)文章](#4a7346bc13f522e8bd1894839c0c4c0c)
- [.NET](#48f1c50fcb7495c630a34fc337a4b849) -> [(8)工具](#857e1dfab2c44af2da91032978f0e96e)
- [SSDT](#8e95ee1b5fe838ffe5dda1ce8d8b6571) -> [(6)工具](#da32ea71d0410c1420a86770a9fb1f0e) [(34)文章](#72b0e23ec112768033b81f42656993ab)
- [(48) 工具](#ef463ddf9e70b545120d01849ef666a6)
- [(45) 文章](#ad5138ec5ace48809894ffc5f123aba1)
- [Linux](#07584676bf0d2adc54dd9a0f3d6dc6e5) -> [(9)工具](#eecd435d6139119987877979e29bdb2f) [(19)文章](#c38b81500d0fc9abb6372b1aada01f6f)
- [Apple](#55f6189e26849b3daab8d76f5ec868a3)
- [inspectivec](#ab912772028a97555413c805be41abf9) -> [(1)工具](#dff0566feeb6e321cd31dacf9478d6a4)
- [captainhook](#22eb97e050393fadd7cc2da6f2527f1a) -> [(1)工具](#04bfe6387f61b8e07170308f8e20c115)
- [blockhook](#d22ce067c1e37bf1f5baedc3c18da5ff) -> [(1)工具](#8cd390f72bbe10e26acde30ec42a6ddc)
- [(8) 工具](#676bba5c840ee8156270bfcfc7d3b8d7)
- [(3) 文章](#67bd4e3298b9ff41a21101e72c42eacf)
- [Android](#3b35513a318dec7ac14c68173ecb9917)
- [Hook位置](#0fe82d44aced7fdbce0650cdf39d6b3c)
- [ART](#8a817e4fd91c0fb1531fcb994f18f6bf)
- [arthook](#7ce2be9bdcec22ae34192de162b5a16b) -> [(1)工具](#ec2ec694a999a8a6adaf029a8214482b) [(1)文章](#8b82f2cb117fe12ab5b8549cda424ead)
- [fasthook](#84050c37e997fa469d0bf2957740a26c) -> [(2)工具](#53605f8fe273227cfce6efb53f03ca5e)
- [edxposed](#a45596ac8a32884286decc3776dcc87a) -> [(1)工具](#b59634d15e0ff36530f26ea15ea14140)
- [yahfa](#e2d57f2f714c3398c5c3221f358a2bbc) -> [(2)工具](#617d992e3d5935e3f073489a6865f5bd) [(1)文章](#ff04a5c958e269af7eda93865680b8bf)
- [Substrate](#41c619b27a528b1fc4cf0e9881138d43)
- [hooker](#b27b46d6dd521ca0cbd8b0e985adf3b3) -> [(1)工具](#9cc593bb0fe4379f156c960ed57ddefc)
- [virtualhook](#4fb6e68ab88d70a5ba21daf3c748ab24) -> [(2)工具](#dc029a697388c8dd11166dc05b480af9) [(1)文章](#e1069bd619235ef63f0368c80dafe8a2)
- [sandhook](#77a4aa2e2f0a0b96f53bf6d73a9ed9a4) -> [(1)工具](#dd815766c5929bf9c831a10b0536b71e)
- [legend](#e1663df22437eac2082e12d2f43e0551) -> [(1)工具](#34f6f6cbec589ef696d862b8dd0b65f2)
- [xhook](#a7aba8e3ae6bc49848404294d1e1daf7) -> [(1)工具](#4b802273fcf67d94de34201135d7cf89)
- [androideagleeye](#b6226b7a5a4605934b0a6a9ab254f186) -> [(1)工具](#a1419c0af296c66e60c2a5dff3d7beca)
- [(35) 工具](#b7f01a8ca7061e6830e56a6e7edd30c3)
- [(42) 文章](#567c92c6319c66711d6ce7ee6d34e7d7)
- [新添加](#98fa503ca20e92cdf59d1c51249179a8)
- [Inline-Hook](#1f8ec021509b7b6b6b5d62550e386e6c) -> [(8)工具](#68ea699ec15a70060fc9c55191338622) [(52)文章](#0b51581a821919d41ac0b4007e6ef111)
- [Syscall-Hook](#16975a6e29db4c54e804c508371cd6f3) -> [(1)工具](#de570f6a46cf4ddf63da1d1d29ae6131) [(1)文章](#e6332e820833c39bfb6ca86591a77c12)
- [API-Hook](#80ef1878ee5cd38df30c0f1f2fe9daeb) -> [(15)工具](#796594632db41e5771e98ccbf3687c40) [(61)文章](#288c7565062613f05da93653dd81e710)
- [Un-Hook](#1030267e24ee5e3747b0876023f4f925) -> [(2)工具](#9402ee22b3361f18eac675a3d700b08f) [(3)文章](#5b9e84f7909d65e65242b7ed92df88eb)
- [(146) 工具](#a59a8c7582765d7653d4ef05cfde9ee0)
- [(349) 文章](#35bcd6dfdf8eb61a1c5f41cf90eed31f)

# 高星工具

***

## Dobby

### 工具

- [**1688**星][28d] [C++] [jmpews/dobby](https://github.com/jmpews/Dobby) 轻量级,多平台,多体系结构的Hook框架(曾用名:HookZz)
- [**316**星][4m] [ObjC] [jmpews/hookzzmodules](https://github.com/jmpews/hookzzmodules) modules deps on HookZz framework.
- [**67**星][30d] [C] [luoyanbei/testhookzz](https://github.com/luoyanbei/testhookzz) iOS逆向:使用HookZz框架hook游戏“我的战争”,进入上帝模式

### 文章

- 2017.09 [pediy] [[原创] 利用 HookZz 实现反调试与绕过的奇淫技巧](https://bbs.pediy.com/thread-220795.htm)

***

## plthook

### 工具

- [**283**星][28d] [C] [kubo/plthook](https://github.com/kubo/plthook) 修改ELF文件的PLT、PE文件的IAT,实现的函数Hook

***

## subhook

### 工具

- [**385**星][1m] [C] [zeex/subhook](https://github.com/zeex/subhook) 简易的跨平台Hook框架,针对C/C++,只支持x86。无依赖

***

## whale

### 工具

- [**917**星][26d] [C++] [aslody/whale](https://github.com/aslody/whale) Hook Framework for Android/IOS/Linux/MacOS

### 文章

- 2019.01 [pediy] [[原创]Whale -- ART Hook的最方案与实践](https://bbs.pediy.com/thread-249212.htm)

# D3DX-Hook

***

## 工具

- [**203**星][28d] [C++] [rebzzel/kiero](https://github.com/rebzzel/kiero) Universal graphical hook for a D3D9-D3D12, OpenGL and Vulcan based games.
- [**59**星][2m] [C++] [codereversing/directx9hook](https://github.com/codereversing/directx9hook) Runtime DirectX9 Hooking
- [**52**星][11m] [C++] [gaypig/directx11-hook-with-discord](https://github.com/gaypig/directx11-hook-with-discord) DirectX11 hook with discord
- [**40**星][4m] [C++] [rebzzel/universal-d3d11-hook](https://github.com/rebzzel/universal-d3d11-hook) Universal hook for DX11 based games written in C++
- [**37**星][4m] [C++] [niemand-sec/directx11hook](https://github.com/niemand-sec/directx11hook) Hooking Game Graphic Engines!
- [**11**星][4m] [C++] [guided-hacking/gh_d3d11_hook](https://github.com/guided-hacking/gh_d3d11_hook) Barebones D3D11 hook.
- [**5**星][1y] [C++] [nexus-devs/nexus-hook](https://github.com/nexus-devs/nexus-hook) Hooking functionality for DirectX11 applications
- [**0**星][3m] [Lua] [yungtry/gtasa-d3dhook](https://github.com/yungtry/gtasa-d3dhook) Directx hook GTA:SA via Cheat Engine

***

## 文章

- 2018.03 [qq] [【外挂分析】hookd3d9 通用CPU优化](http://gslab.qq.com/article-426-1.html)
- 2017.12 [pediy] [[原创] Hook Directx在游戏中显示自己的文字 代码加注解 MASM](https://bbs.pediy.com/thread-223562.htm)
- 2016.03 [pediy] [[原创]非静态成员函数定位及HOOK以DirectX内部成员函数为例](https://bbs.pediy.com/thread-208253.htm)
- 2015.12 [codereversing] [Runtime DirectX Hooking](http://www.codereversing.com/blog/archives/282)
- 2014.11 [pediy] [[原创][原创]D3D HOOK 游戏透视实现](https://bbs.pediy.com/thread-194475.htm)
- 2014.06 [pediy] [[原创]从来没人公开的秘密 -----D3D HOOK的捷径](https://bbs.pediy.com/thread-189538.htm)

# Frida-Hook

***

## 工具

- [**76**星][2m] [Py] [hamz-a/jeb2frida](https://github.com/hamz-a/jeb2frida) Automated Frida hook generation with JEB

***

## 文章

- 2020.05 [aliyun] [How to hook Android Native methods with Frida (Noob Friendly)](https://xz.aliyun.com/t/7729)
- 2020.05 [aliyun] [使用Frida给apk脱壳并穿透加固Hook函数](https://xz.aliyun.com/t/7670)
- 2020.04 [wundercontrol] [[Android] Hooking void method - Frida](https://www.youtube.com/watch?v=ArWOZJRE-jU)
- 2019.11 [securify] [Android Frida hooking: disabling FLAG_SECURE](https://www.securify.nl/en/blog/SFY20191103/android-frida-hooking_-disabling-flag_secure.html)
- 2019.10 [securify] [Automated Frida hook generation with JEB](https://www.securify.nl/en/blog/SFY20191006/automated-frida-hook-generation-with-jeb.html)
- 2019.01 [fuzzysecurity] [Windows Hacking 之:ApplicationIntrospection & Hooking With Frida](http://fuzzysecurity.com/tutorials/29.html)
- 2018.11 [freebuf] [Frida-Wshook:一款基于Frida.re的脚本分析工具](https://www.freebuf.com/sectool/188726.html)
- 2018.09 [pediy] [[原创]使用frida来hook加固的Android应用的java层](https://bbs.pediy.com/thread-246767.htm)
- 2018.07 [pediy] [[原创]在windows搭建frida hook环境碰到问题](https://bbs.pediy.com/thread-230138.htm)
- 2018.07 [pediy] [[原创]进阶Frida--Android逆向之动态加载dex Hook(三)(下篇)](https://bbs.pediy.com/thread-229657.htm)
- 2018.07 [pediy] [[原创]进阶Frida--Android逆向之动态加载dex Hook(三)(上篇)](https://bbs.pediy.com/thread-229597.htm)
- 2018.06 [pediy] [[原创]初识Frida--Android逆向之Java层hook (二)](https://bbs.pediy.com/thread-227233.htm)
- 2018.06 [pediy] [[原创]初识Frida--Android逆向之Java层hook (一)](https://bbs.pediy.com/thread-227232.htm)
- 2017.08 [notsosecure] [如何动态调整使用 Android 的NDK 编写的代码,即:使用 Frida Hook C/ C++ 开发的功能。](https://www.notsosecure.com/instrumenting-native-android-functions-using-frida/)
- 2017.04 [fuping] [Android HOOK 技术之Frida的初级使用](https://fuping.site/2017/04/01/Android-HOOK-%E6%8A%80%E6%9C%AF%E4%B9%8BFrida%E7%9A%84%E5%88%9D%E7%BA%A7%E4%BD%BF%E7%94%A8/)

# Windows

***

## monohook

### 工具

- [**269**星][30d] [C#] [misaka-mikoto-tech/monohook](https://github.com/Misaka-Mikoto-Tech/MonoHook) hook C# method at runtime without modify dll file (such as UnityEditor.dll)

***

## hyperbone

### 工具

- [**423**星][1y] [C] [darthton/hyperbone](https://github.com/darthton/hyperbone) 极简的带Hook的VT-x hypervisor

***

## ddimon

### 工具

- [**512**星][2y] [C++] [tandasat/ddimon](https://github.com/tandasat/ddimon) 通过使用扩展页表(EPT),执行内联hook的hypervisor,对访客(即除DdiMon之外的任何代码)是不可见的

***

## mhook

### 工具

- [**512**星][30d] [C] [martona/mhook](https://github.com/martona/mhook) A Windows API hooking library

### 文章

- 2017.11 [apriorit] [Mhook Enhancements: 10x Speed Improvement and Other Fixes](https://www.apriorit.com/dev-blog/469-mhook-enhancements)
- 2014.09 [pediy] [[原创]MHOOK中跳板复用bug分析](https://bbs.pediy.com/thread-192760.htm)

***

## polyhook

### 工具

- [**646**星][9m] [C++] [stevemk14ebr/polyhook](https://github.com/stevemk14ebr/polyhook) x86/x64 C++ Hooking Library
- [**515**星][27d] [C++] [stevemk14ebr/polyhook_2_0](https://github.com/stevemk14ebr/polyhook_2_0) C++17, x86/x64 Hooking Libary v2.0

***

## infinityhook

### 工具

- [**1079**星][4m] [C++] [everdox/infinityhook](https://github.com/everdox/infinityhook) Hook system calls, context switches, page faults and more.

***

## minhook

### 工具

- [**1364**星][28d] [C] [tsudakageyu/minhook](https://github.com/tsudakageyu/minhook) 最小化的x86/x64 API Hook 库
- [**28**星][2y] [C] [sentinel-one/minhook](https://github.com/sentinel-one/minhook) The Minimalistic x86/x64 API Hooking Library for Windows

### 文章

- 2019.03 [aliyun] [minhook源码阅读分析](https://xz.aliyun.com/t/4468)
- 2017.09 [pediy] [[原创]MinHook测试与分析(x64下 E9,EB,CALL指令测试,且逆推测试微软热补丁)](https://bbs.pediy.com/thread-221418.htm)
- 2017.09 [pediy] [[原创]MinHook测试分析01 (x86的jmp+offset类型hook)](https://bbs.pediy.com/thread-220877.htm)

***

## easyhook

### 工具

- [**1707**星][1y] [C] [easyhook/easyhook](https://github.com/easyhook/easyhook) 重新发明了Windows API挂钩
- [**67**星][27d] [C#] [easyhook/easyhook-tutorials](https://github.com/easyhook/easyhook-tutorials) Contains the source code for the EasyHook tutorials found at
- [**14**星][5m] [C#] [ulysseswu/vinjex](https://github.com/ulysseswu/vinjex) A simple DLL injection lib using Easyhook, inspired by VInj.

### 文章

- 2017.11 [BinaryAdventure] [EasyHook x64 Notepad API Hook part 2](https://www.youtube.com/watch?v=ro07dEPyGmY)
- 2017.11 [BinaryAdventure] [API Hooking - Using EasyHook to hook NtCreateFile in Notepad.exe](https://www.youtube.com/watch?v=o3H4E278y_g)

***

## .NET

### 工具

- [**117**星][2y] [C#] [tandasat/dotnethooking](https://github.com/tandasat/dotnethooking) Sample use cases of the .NET native code hooking technique
- [**60**星][2y] [C#] [wledfor2/playhooky](https://github.com/wledfor2/playhooky) C# Runtime Hooking Library for .NET/Mono/Unity.
- [**34**星][4m] [C#] [dangbee/dotnethook](https://github.com/dangbee/dotnethook) A hook proof of concept with no native dependencies. Hook both .NET methods (even framework methods) and Native methods entirely in .NET.
- [**31**星][1y] [C#] [thaisenpm/loader2](https://github.com/thaisenpm/loader2) Nova Hook is an open source C# cheat loader currently built for CS:GO
- [**16**星][6m] [C#] [lontivero/open.winkeyboardhook](https://github.com/lontivero/open.winkeyboardhook) A simple and easy-to-use .NET managed wrapper for Low Level Keyboard hooking.
- [**15**星][2m] [Visual Basic .NET] [thaisenpm/loader1](https://github.com/thaisenpm/loader1) Nova Hook is an open source VB.NET cheat loader currently built for CS:GO
- [**11**星][6m] [C#] [20chan/globalhook](https://github.com/20chan/GlobalHook) Simple global keyboard, mouse hook and simulation library written C#
- [**None**星][C#] [elliesaur/dotnethook](https://github.com/elliesaur/dotnethook) A hook proof of concept with no native dependencies. Hook both .NET methods (even framework methods) and Native methods entirely in .NET.

***

## SSDT

### 工具

- [**58**星][3y] [C++] [int0/processisolator](https://github.com/int0/processisolator) Utility to hook SSDT of specific process and transfer control to a service (usermode app) for handling to determine action allow/deny API call etc.
- [**12**星][5y] [C] [s18leoare/hackshield-driver-bypass](https://github.com/s18leoare/hackshield-driver-bypass) Bypass HackShield several specific SSDT hook in Ring0
- [**8**星][3m] [C] [papadp/shd](https://github.com/papadp/shd) Ssdt Hook Detection tool
- [**7**星][11m] [C] [cherryzy/process_protect_module](https://github.com/cherryzy/process_protect_module) Monitor and protect processes use "PsSetCreateProcessNotifyRoutineEx" and kernel ssdt hook.
- [**6**星][6y] [C++] [wyrover/hkkerneldbg](https://github.com/wyrover/hkkerneldbg) F**k ssdt hook in np, tp, hs
- [**3**星][2y] [C] [sqdwr/64-bits-inserthook](https://github.com/sqdwr/64-bits-inserthook) insert a ssdt table to hook

### 文章

- 2018.12 [pediy] [[原创]过用户层HOOK 驱动层SSDT HOOK (之进程保护篇)](https://bbs.pediy.com/thread-248583.htm)
- 2018.11 [pediy] [[分享][原创]Win7 x86 SSDT Inline Hook](https://bbs.pediy.com/thread-247983.htm)
- 2016.05 [pediy] [[原创]关于Win7 x64 Shadow SSDT 的探索和 Inline HOOK](https://bbs.pediy.com/thread-210481.htm)
- 2015.12 [insinuator] [Investigating Memory Analysis Tools – SSDT Hooking via Pointer Replacement](https://insinuator.net/2015/12/investigating-memory-analysis-tools-ssdt-hooking-via-pointer-replacement/)
- 2015.09 [pediy] [[原创]旧代码分享:绕过卡巴斯基主动防御,加载驱动,unhook所有SSDT&Shadow SSDT](https://bbs.pediy.com/thread-204492.htm)
- 2015.09 [pediy] [原创 普及X64 ssdtshadow inline HOOK](https://bbs.pediy.com/thread-204323.htm)
- 2015.05 [pediy] [[原创]SSDT InlineHook学习笔记](https://bbs.pediy.com/thread-200431.htm)
- 2013.12 [pediy] [[原创]SSDT Hook 详细过程](https://bbs.pediy.com/thread-183132.htm)
- 2013.12 [pediy] [[原创]Win8 32位中SSDT Shadow Hook的实现方法](https://bbs.pediy.com/thread-182355.htm)
- 2013.08 [pediy] [[原创]Win32Asm 驱动学习笔记《 HOOK SSDT》](https://bbs.pediy.com/thread-176717.htm)
- 2013.08 [pediy] [[原创]新手学ssdt_hook](https://bbs.pediy.com/thread-176477.htm)
- 2013.06 [pediy] [[原创]一份简单的内核通用HOOK 带使用例子(带简单SSDT恢复)~](https://bbs.pediy.com/thread-174170.htm)
- 2012.07 [pediy] [[原创]汇编与驱动-采用SSDT Hook NtOpenProcess保护进程](https://bbs.pediy.com/thread-153176.htm)
- 2012.06 [pediy] [[原创]E语言ring0 inline &ssdt hook](https://bbs.pediy.com/thread-152603.htm)
- 2011.12 [pediy] [[原创]谈谈 通杀SSDT hook和Shadow SSDT hook的方法](https://bbs.pediy.com/thread-143987.htm)
- 2011.08 [sevagas] [Hide files using SSDT hooking](https://blog.sevagas.com/?Hide-files-using-SSDT-hooking)
- 2011.07 [pediy] [[原创]shadow_ssdt_hook_2.asm](https://bbs.pediy.com/thread-136321.htm)
- 2010.12 [pediy] [[翻译]系统范围内挂钩Native API控制进程创建(SSDT HOOK)](https://bbs.pediy.com/thread-126574.htm)
- 2010.12 [pediy] [[原创](开源)一个简单的ssdthook进程名 保护进程 兼容2000以后所有x86系统](https://bbs.pediy.com/thread-126077.htm)
- 2009.10 [pediy] [[原创]FSD HOOK与SSDT HOOK恢复简单思路](https://bbs.pediy.com/thread-99970.htm)
- 2009.02 [pediy] [[原创]Anti SSDT Hook](https://bbs.pediy.com/thread-82066.htm)
- 2008.12 [pediy] [[原创]打造自己的HOOK引擎 之一 --- SSDT HOOK引擎](https://bbs.pediy.com/thread-79247.htm)
- 2008.12 [pediy] [[原创]inline hook SSDT 躲避 Themida 的ThreadHideFromDebugger (学习笔记2)](https://bbs.pediy.com/thread-78423.htm)
- 2008.12 [pediy] [[原创]扫盲贴,HOOK SSDT 短文一篇。](https://bbs.pediy.com/thread-78218.htm)
- 2008.11 [pediy] [[原创]HOOK SSDT AND HOOK Shadow SSDT FOR DELPHI](https://bbs.pediy.com/thread-77500.htm)
- 2008.11 [talosintelligence] [Fun with SSDT Hooks and DEP](https://blog.talosintelligence.com/2008/11/fun-with-ssdt-hooks-and-dep.html)
- 2008.08 [pediy] [[原创]分享比较完整的ROOTKIT DEMO! 原来Shadow Hook和SSDT Hook一样容易!](https://bbs.pediy.com/thread-70083.htm)
- 2008.07 [pediy] [[原创]重现SSDT-Shadow Hook编译通过的代码,献给所有,有共享精神的人](https://bbs.pediy.com/thread-67656.htm)
- 2008.06 [pediy] [[原创]Hook Shadow SSDT](https://bbs.pediy.com/thread-65931.htm)
- 2008.05 [pediy] [[原创]谈谈对于SSDT中的API进行双层HOOK的通用处理模式](https://bbs.pediy.com/thread-64798.htm)
- 2008.04 [pediy] [[原创]SSDT Hook For Delphi](https://bbs.pediy.com/thread-63611.htm)
- 2008.01 [pediy] [[原创]RootKit hook之[二] SSDT hook](https://bbs.pediy.com/thread-58199.htm)
- 2007.08 [pediy] [[原创]用DDDK编写驱动,修改SSDT表HOOK NTDebugActiveProcess函数](https://bbs.pediy.com/thread-50052.htm)
- 2007.03 [pediy] [[原创]SSDT Hook的妙用-对抗ring0 inline hook](https://bbs.pediy.com/thread-40832.htm)

***

## 工具

- [**1866**星][27d] [Py] [boppreh/keyboard](https://github.com/boppreh/keyboard) 在Windows和Linux上挂钩和模拟全局键盘事件
- [**787**星][4m] [C++] [ysc3839/fontmod](https://github.com/ysc3839/fontmod) 修改 Win32 程序字体的简单的 hook 工具。可用于一些基于 GDI 或者 Qt 的程序
- [**546**星][5m] [C#] [crosire/scripthookvdotnet](https://github.com/crosire/scripthookvdotnet) An ASI plugin for Grand Theft Auto V, which allows running scripts written in any .NET language in-game.
- [**310**星][29d] [C] [gbps/gbhv](https://github.com/gbps/gbhv) Simple x86-64 VT-x Hypervisor with EPT Hooking
- [**193**星][26d] [C#] [justcoding121/windows-user-action-hook](https://github.com/justcoding121/windows-user-action-hook) A .NET library to subscribe for Windows operating system global user actions such mouse, keyboard, clipboard & print events
- [**92**星][3y] [C++] [shmuelyr/captainhook](https://github.com/shmuelyr/captainhook) CaptainHook is perfect x86/x64 hook environment
- [**88**星][2m] [C] [tinysec/iathook](https://github.com/tinysec/iathook) windows内核模式和用户模式IAT hook
- [**79**星][3y] [C] [stevemk14ebr/unihook](https://github.com/stevemk14ebr/unihook) Intercept arbitrary functions at run-time, without knowing their typedefs
- [**76**星][24d] [C] [danielkrupinski/vac-hooks](https://github.com/danielkrupinski/vac-hooks) Hook WinAPI functions used by Valve Anti-Cheat. Log calls and intercept arguments & return values. DLL written in C.
- [**45**星][10m] [C#] [userr00t/universalunityhooks](https://github.com/userr00t/universalunityhooks) A framework designed to hook into and modify methods in unity games via dlls
- [**44**星][7m] [C++] [wopss/renhook](https://github.com/wopss/renhook) An open-source x86 / x86-64 hooking library for Windows.
- [**42**星][1m] [Rust] [verideth/dll_hook-rs](https://github.com/verideth/dll_hook-rs) Rust code to show how hooking in rust with a dll works.
- [**40**星][1m] [C++] [prekageo/winhook](https://github.com/prekageo/winhook)
- [**38**星][1m] [C++] [rolfrolles/wbdeshook](https://github.com/rolfrolles/wbdeshook) DLL-injection based solution to Brecht Wyseur's wbDES challenge (based on SysK's Phrack article)
- [**38**星][1m] [Assembly] [muffins/rookit_playground](https://github.com/muffins/rookit_playground) Educational repository for learning about rootkits and Windows Kernel Hooks.
- [**35**星][2m] [C++] [codereversing/wow64syscall](https://github.com/codereversing/wow64syscall) WoW64 Syscall Hooking
- [**34**星][3y] [C++] [menooker/fishhook](https://github.com/menooker/fishhook) An inline hook platform for Windows x86/x64
- [**34**星][30d] [Py] [byzero512/winpwn](https://github.com/byzero512/winpwn) for CTF windows pwn and IAT/EAT hook
- [**32**星][2m] [C++] [netdex/twinject](https://github.com/netdex/twinject) Automated player and hooking framework for bullet hell games from the Touhou Project
- [**30**星][2m] [C] [deroko/activationcontexthook](https://github.com/deroko/activationcontexthook) Hook 进程,强制进程加载重定向的 DLL
- [**29**星][4m] [C++] [m-r-j-o-h-n/swh-injector](https://github.com/m-r-j-o-h-n/swh-injector) An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.
- [**27**星][6m] [HTML] [flyrabbit/winproject](https://github.com/flyrabbit/winproject) Hook, DLLInject, PE_Tool
- [**27**星][3m] [C] [tinysec/runwithdll](https://github.com/tinysec/runwithdll) windows create process with a dll load first time via LdrHook
- [**24**星][3m] [C] [david-reguera-garcia-dreg/phook](https://github.com/david-reguera-garcia-dreg/phook) Full DLL Hooking, phrack 65
- [**24**星][5m] [C] [maikel233/x-hook-for-csgo](https://github.com/maikel233/x-hook-for-csgo) Aimtux for Windows.
- [**22**星][1m] [Go] [castaneai/hinako](https://github.com/castaneai/hinako) x86 WinAPI hook written in pure Go
- [**22**星][29d] [C++] [xbased/xhook](https://github.com/xbased/xhook) Hook Windows API. supports Win7/8/10 x86 and x64 platform.
- [**21**星][2m] [C] [adrianyy/kernelhook](https://github.com/adrianyy/kernelhook) Windows inline hooking tool.
- [**21**星][5m] [C] [xiaofen9/ssdthook](https://github.com/xiaofen9/ssdthook) An SSDT hook for Windows
- [**19**星][5m] [Java] [col-e/simplified-jna](https://github.com/col-e/simplified-jna) Multi-threaded JNA hooks and simplified library access to window/key/mouse functions.
- [**18**星][11m] [Assembly] [egebalci/hook_api](https://github.com/egebalci/hook_api) Assembly block for hooking windows API functions.
- [**16**星][5m] [C] [sin5678/hidedir](https://github.com/sin5678/hidedir) 使用SSDT HOOK 在windows上隐藏指定文件或者文件夹
- [**14**星][3m] [C++] [hmihaidavid/hooks](https://github.com/hmihaidavid/hooks) A DLL that performs IAT hooking
- [**13**星][4y] [C++] [jonasblunck/dp](https://github.com/jonasblunck/dp) Win32 API and COM hooking/tracing.
- [**13**星][7m] [C#] [kanegovaert/unknown-logger](https://github.com/kanegovaert/unknown-logger) An advanced Windows Keylogger with features like (Disable CMD, Screenshotter, Client Stub Builder, Low Level Keyhooks, Hide Application, Respawner, Delete Chrome and Firefox data, and more!)
- [**12**星][8m] [C++] [sin5678/wow64hook](https://github.com/sin5678/wow64hook) wow64 syscall filter
- [**11**星][6m] [Py] [debasishm89/qhook](https://github.com/debasishm89/qhook) qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.
- [**11**星][1y] [C++] [therena/findthestupidwindow](https://github.com/therena/findthestupidwindow) Windows API hooking project to log all the windows / UIs with the exact timestamp when they are opened.
- [**11**星][6y] [weixu8/registrymonitor](https://github.com/weixu8/registrymonitor) Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow the creation of the key. More of an experiment into Kernel level SSDT hooks but a fun project nonetheless
- [**10**星][7y] [Py] [nitram2342/spooky-hook](https://github.com/nitram2342/spooky-hook) WinAppDbg helper script to catch API calls
- [**9**星][6m] [C++] [windy32/win32-console-hook-lib](https://github.com/windy32/win32-console-hook-lib) A light-weight console hook library for convenient console interactions
- [**8**星][6m] [C++] [mgostih/snifferih](https://github.com/mgostih/snifferih) DLL Hooking Packet Sniffer
- [**8**星][27d] [C++] [ivan-sincek/keylogger](https://github.com/ivan-sincek/keylogger) Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).
- [**7**星][2y] [Go] [nanitefactory/hookwin10calc](https://github.com/nanitefactory/hookwin10calc) Reverse engineered Windows 10 Calculator.exe (UWP application) hacker. 한글/漢文을 배운 윈도우 계산기 패치.
- [**5**星][2y] [C++] [wanttobeno/window_keyandmousehook](https://github.com/wanttobeno/window_keyandmousehook) Window Key And Mouse Hook
- [**4**星][10m] [C++] [aschrein/apiparse](https://github.com/aschrein/apiparse) Small project to learn windows dll hooking techniques based on sources of renderdoc and apitrace
- [**4**星][2y] [C#] [trojaner/rocketplus](https://github.com/trojaner/rocketplus) Adding extra functionality to RocketMod API by using method hooking [Windows x64 only]. Also provides an API for .NET Method detouring
- [**0**星][2y] [C] [vallejocc/poc-find-chrome-ktlsprotocolmethod](https://github.com/vallejocc/poc-find-chrome-ktlsprotocolmethod) Proof of Concept code to download chrome.dll symbols from chromium symbols store and find the bssl::kTLSProtocolMethod table of pointers (usually hooked by malware)

***

## 文章

- 2020.03 [apriorit] [How to Hook 64-Bit Code from WOW64 32-Bit Mode](https://www.apriorit.com/dev-blog/665-win-hook-64-bit-code-from-32-bit-mode)
- 2019.10 [sentinelone] [How TrickBot Hooking Engine Targets Windows 10 Browsers](https://www.sentinelone.com/blog/how-trickbot-hooking-engine-targets-windows-10-browsers/)
- 2019.08 [contextis] [Common Language Runtime Hook for Persistence](https://www.contextis.com/en/blog/common-language-runtime-hook-for-persistence)
- 2019.05 [vimeo] [DKOM 3.0: Hiding and Hooking with Windows Extension Hosts - Alex Ionescu, Gabrielle Viala, Yarden Shafir - INFILTRATE 2019](https://vimeo.com/335166152)
- 2019.04 [fsx30] [Hooking Heaven’s Gate — a WOW64 hooking technique](https://medium.com/p/5235e1aeed73)
- 2019.01 [pediy] [[原创][Hook][ws2_32.dll]](https://bbs.pediy.com/thread-249249.htm)
- 2019.01 [4hou] [绕过EDR内存保护的新方法:NTDLL IAT Hook](http://www.4hou.com/system/15956.html)
- 2018.11 [aliyun] [Hook深度研究:监视WOW64程序在系统中的执行情况](https://xz.aliyun.com/t/3311)
- 2018.03 [malwarebytes] [恶意软件Hancitor最新版除使用processhollowing注入技巧之外, 创建kernel32.dll的副本, 绕过R3 Hook监控, 躲避检测](https://blog.malwarebytes.com/threat-analysis/2018/03/hancitor-fileless-attack-with-a-copy-trick/)
- 2017.12 [4hou] [一篇文章教你如何检测Win API Hooks(Ring3)](http://www.4hou.com/system/9112.html)
- 2017.11 [rootedconmadrid] [Pablo San Emeterio - WHF: Windows Hooking Framework [RootedCON 2012 - ESP]](https://www.youtube.com/watch?v=1yNhZ62C2bw)
- 2017.07 [huntingmalware] [Hooking Windows events without knowing anything about C/C++](https://blog.huntingmalware.com/notes/WMI)
- 2017.06 [eyeofrablog] [Windows 键盘记录器 Part 2: 如何检测 Part 1 中提到的Hook 方式](https://eyeofrablog.wordpress.com/2017/06/27/windows-keylogger-part-2-defense-against-user-land/)
- 2017.05 [4hou] [利用global API hooks在Win7系统下隐藏进程](http://www.4hou.com/technology/4395.html)
- 2017.04 [3gstudent] [利用globalAPIhooks在Win7系统下隐藏进程](https://3gstudent.github.io/3gstudent.github.io/%E5%88%A9%E7%94%A8globalAPIhooks%E5%9C%A8Win7%E7%B3%BB%E7%BB%9F%E4%B8%8B%E9%9A%90%E8%97%8F%E8%BF%9B%E7%A8%8B/)
- 2017.04 [3gstudent] [利用globalAPIhooks在Win7系统下隐藏进程](https://3gstudent.github.io/3gstudent.github.io/%E5%88%A9%E7%94%A8globalAPIhooks%E5%9C%A8Win7%E7%B3%BB%E7%BB%9F%E4%B8%8B%E9%9A%90%E8%97%8F%E8%BF%9B%E7%A8%8B/)
- 2016.06 [pediy] [[原创]windows x64 hook KiSystemCall64](https://bbs.pediy.com/thread-210886.htm)
- 2016.01 [freebuf] [DLL注入的几种姿势(一):Windows Hooks](http://www.freebuf.com/articles/system/93413.html)
- 2015.09 [pediy] [[原创]win7 x64 下的Object Hook](https://bbs.pediy.com/thread-203767.htm)
- 2015.06 [codereversing] [Syscall Hooking Under WoW64: Implementation (2/2)](http://www.codereversing.com/blog/archives/246)
- 2015.06 [codereversing] [Syscall Hooking Under WoW64: Introduction (1/2)](http://www.codereversing.com/blog/archives/243)
- 2015.01 [debasish] [qHooK - Not Just a Win32 API Hooking Script](http://www.debasish.in/2015/01/qhook-not-just-win32-api-hooking-script.html)
- 2014.11 [hypervsir] [Using LBR (Last Branch Record) Feature to Detect IDT-Shadowing-Based Malicious IDT Hooking](http://hypervsir.blogspot.com/2014/11/using-lbr-last-branch-record-feature-to.html)
- 2014.07 [pediy] [[原创]暑假浅谈系列第二帖——win7 object hook](https://bbs.pediy.com/thread-189802.htm)
- 2014.02 [evilsocket] [How to Hook Win32 API With Kernel Patching](https://www.evilsocket.net/2014/02/01/keservicedescriptortable-patching-aka-how-to-hook-win32-api-patching-the-kernel/)
- 2012.09 [volatility] [MoVP 3.1 Detecting Malware Hooks in the Windows GUI Subsystem](https://volatility-labs.blogspot.com/2012/09/movp-31-detecting-malware-hooks-in.html)
- 2012.04 [pediy] [[原创]windows内核 win7 和 xp下 hook过滤KiFastCallEntry的不同之处(远离360的hook)](https://bbs.pediy.com/thread-149003.htm)
- 2011.09 [pediy] [[原创]Windows环境下基于Hook技术的调试器及其实现(含源码)](https://bbs.pediy.com/thread-139813.htm)
- 2011.09 [htbridge] [Inline Hooking in Windows](https://www.htbridge.com/blog/inline_hooking_in_windows.html)
- 2011.08 [mista] [Windows Hooks of Death: Kernel Attacks through User-Mode Callbacks](http://mista.nu/blog/?p=632)
- 2011.08 [htbridge] [Userland Hooking in Windows](https://www.htbridge.com/blog/userland_hooking_in_windows.html)
- 2011.06 [shiftlock] [Windows hooks detector](https://shiftlock.wordpress.com/2011/06/22/windows-hooks-detector/)
- 2011.02 [winsunxu] [Windows防火墙之NDIS HOOK和TDI HOOK](https://blog.csdn.net/winsunxu/article/details/6196319)
- 2010.10 [pediy] [[原创]hook_exitwindowsex.asm](https://bbs.pediy.com/thread-122496.htm)
- 2010.09 [pediy] [[原创]PYdotDLL. a simple python hook engine / update 2010.9.28](https://bbs.pediy.com/thread-120438.htm)
- 2010.09 [redplait] [ntdll official hooks](http://redplait.blogspot.com/2010/09/ntdll-official-hooks.html)
- 2010.02 [pediy] [[翻译]QuietRIATT:通过HOOK DLL函数重建IAT](https://bbs.pediy.com/thread-107092.htm)
- 2010.02 [xyz] [wince中的hook(钩子)用法](https://blog.csdn.net/xyz_lmn/article/details/5289128)
- 2010.02 [xyz] [Using keyboard hooks in WinCE](https://blog.csdn.net/xyz_lmn/article/details/5289131)
- 2010.02 [xyz] [wince上能够使用的hook是有限的](https://blog.csdn.net/xyz_lmn/article/details/5289120)
- 2009.11 [magictong] [SetWinEventHook 事件钩子](https://blog.csdn.net/magictong/article/details/4753122)
- 2008.10 [pediy] [[原创]IAT HOOK 代码注入非DLL](https://bbs.pediy.com/thread-74569.htm)
- 2008.05 [pediy] [[原创]利用IAT hook实现windows通用密码后门](https://bbs.pediy.com/thread-65391.htm)
- 2006.01 [sans] [KbHook.dll is Not Always Spyware](https://isc.sans.edu/forums/diary/KbHookdll+is+Not+Always+Spyware/1076/)
- 2005.03 [pediy] [[转帖]在Windows 2003中HOOK ZwCreateProc](https://bbs.pediy.com/thread-11955.htm)

# Linux

***

## 工具

- [**140**星][7m] [C] [davidbuchanan314/tardis](https://github.com/davidbuchanan314/tardis) Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.
- [**134**星][1m] [C] [poliva/ldpreloadhook](https://github.com/poliva/ldpreloadhook) a quick open/close/ioctl/read/write/free function hooker
- [**94**星][30d] [C] [milabs/khook](https://github.com/milabs/khook) Linux Kernel hooking engine (x86)
- [**68**星][1m] [C] [ilammy/ftrace-hook](https://github.com/ilammy/ftrace-hook) Using ftrace for function hooking in Linux kernel
- [**45**星][2m] [C] [jmpews/evilelf](https://github.com/jmpews/evilelf) Malicious use of ELF such as .so inject, func hook and so on.
- [**35**星][3y] [C] [jordan9001/superhide](https://github.com/jordan9001/superhide) Example of hooking a linux systemcall
- [**8**星][2m] [C] [rafael-santiago/kook](https://github.com/rafael-santiago/kook) A syscall hooking system for FreeBSD, NetBSD and also Linux.
- [**6**星][2y] [C] [sizet/lkm_parse_dns_packet](https://github.com/sizet/lkm_parse_dns_packet) linux 核心模組, 使用 netfilter IPv4 hook 監聽和分析 DNS 請求和回應封包.
- [**5**星][3m] [C] [deb0ch/toorkit](https://github.com/deb0ch/toorkit) A simple useless rootkit for the linux kernel. It is a kernel module which hooks up the open() syscall (or potentially any syscall) to replace it with a custom function.

***

## 文章

- 2020.01 [mike] [Hooking Linux Libraries for Post-Exploitation Fun](https://www.mike-gualtieri.com/posts/hooking-linux-libraries-for-post-exploitation-fun)
- 2020.01 [freebuf] [Linux HIDS agent 概要和用户态HOOK(一)](https://www.freebuf.com/geek/223409.html)
- 2019.12 [knownsec404team] [Linux HIDS agent Summary and User Status HOOK [1]](https://medium.com/p/f1bb17295456)
- 2019.12 [venus] [Linux HIDS agent Summary and User Status HOOK [1]](https://paper.seebug.org/1104/)
- 2019.12 [knownsec] [Linux HIDS agent 概要和用户态 HOOK(一)](https://blog.knownsec.com/2019/12/linux-hids-agent-%e6%a6%82%e8%a6%81%e5%92%8c%e7%94%a8%e6%88%b7%e6%80%81-hook%ef%bc%88%e4%b8%80%ef%bc%89/)
- 2019.12 [aliyun] [Linux下Hook方式汇总](https://xz.aliyun.com/t/6961)
- 2019.12 [4hou] [Linux HIDS agent 概要和用户态 HOOK(一)](https://www.4hou.com/system/22258.html)
- 2019.12 [venus] [Linux HIDS agent 概要和用户态 HOOK(一)](https://paper.seebug.org/1102/)
- 2019.12 [jm33] [Hook System Calls in Linux 5.x](https://jm33.me/hook-system-calls-in-linux-5x.html)
- 2019.12 [aliyun] [Linux逆向之hook&注入](https://xz.aliyun.com/t/6883)
- 2019.02 [linuxgizmos] [Embedded vision cams use MIPI-CSI and USB3 Vision to hook up with Linux dev boards](http://linuxgizmos.com/embedded-vision-cams-use-mipi-csi-and-usb3-vision-to-hook-up-with-linux-dev-boards/)
- 2018.10 [aliyun] [Hooking linux内核函数(三):Ftrace的主要优缺点](https://xz.aliyun.com/t/2949)
- 2018.10 [aliyun] [Hooking linux内核函数(二):如何使用Ftrace hook函数](https://xz.aliyun.com/t/2948)
- 2018.10 [aliyun] [Hooking linux内核函数(一):寻找完美解决方案](https://xz.aliyun.com/t/2947)
- 2017.02 [forcepoint] [Detecting register-hooking Linux rootkits with Forcepoint Second Look](https://www.forcepoint.com/blog/security-labs/detecting-register-hooking-linux-rootkits-forcepoint-second-look)
- 2014.10 [allsoftwaresucks] [abusing Mesa by hooking ELFs and ioctl](http://allsoftwaresucks.blogspot.com/2014/10/abusing-mesa-by-hooking-elfs-and-ioctl.html)
- 2013.12 [HackersSecurity] [DEFCON 18: Function Hooking for Mac OSX and Linux](https://www.youtube.com/watch?v=MaIZ1TRc414)
- 2013.09 [pediy] [[原创]LINUX ELF HOOK DEMO源码](https://bbs.pediy.com/thread-178320.htm)
- 2010.03 [imthezuk] [Linux functions hooking using LD_PRELOAD - for fun and profit](https://imthezuk.blogspot.com/2010/03/easy-hooking-for-logging-purposes-with.html)

# Apple

***

## inspectivec

### 工具

- [**538**星][2y] [Objective-C++] [davidgoldman/inspectivec](https://github.com/davidgoldman/inspectivec) objc_msgSend hook for debugging/inspection purposes.

***

## captainhook

### 工具

- [**577**星][1y] [ObjC] [rpetrich/captainhook](https://github.com/rpetrich/captainhook) Common hooking/monkey patching headers for Objective-C on Mac OS X and iPhone OS. MIT licensed

***

## blockhook

### 工具

- [**581**星][5m] [C] [yulingtianxia/blockhook](https://github.com/yulingtianxia/blockhook) Hook Objective-C blocks. A powerful AOP tool.

***

## 工具

- [**2032**星][3y] [Swift] [urinx/iosapphook](https://github.com/urinx/iosapphook) 专注于非越狱环境下iOS应用逆向研究,从dylib注入,应用重签名到App Hook
- [**1122**星][2y] [ObjC] [yulingtianxia/fishchat](https://github.com/yulingtianxia/fishchat) Hook WeChat.app on non-jailbroken devices.
- [**129**星][6m] [C] [rodionovd/rd_route](https://github.com/rodionovd/rd_route) Function hooking for macOS
- [**123**星][4m] [ObjC] [smilezxlee/zxhookdetection](https://github.com/smilezxlee/zxhookdetection) 【iOS应用安全】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议示例)
- [**68**星][3y] [ObjC] [alayshchen/xcodeappplugintemplate](https://github.com/alayshchen/xcodeappplugintemplate) App Plugin Project Template For iOS App And Mac App. Make it easy to hook app.
- [**66**星][5m] [ObjC] [yulingtianxia/blocktracker](https://github.com/yulingtianxia/blocktracker) Tracking block args of Objective-C method based on BlockHook
- [**54**星][1m] [Perl] [theos/logos](https://github.com/theos/logos) Preprocessor that simplifies Objective-C hooking.
- [**53**星][4m] [ObjC] [smilezxlee/zxhookutil](https://github.com/smilezxlee/zxhookutil) 【iOS逆向】Tweak工具函数集,基于theos、monkeyDev

***

## 文章

- 2016.02 [360] [iOS冰与火之歌番外篇 - 在非越狱手机上进行App Hook](https://www.anquanke.com/post/id/83495/)
- 2013.03 [gdssecurity] [Retrieving Crypto Keys via iOS Runtime Hooking](https://blog.gdssecurity.com/labs/2013/3/5/retrieving-crypto-keys-via-ios-runtime-hooking.html)
- 2013.01 [Proteas] [Hook Objective-C 的方法](https://blog.csdn.net/Proteas/article/details/8477806)

# Android

***

## Hook位置

### ART

#### arthook

##### 工具

- [**332**星][4m] [Java] [mar-v-in/arthook](https://github.com/mar-v-in/arthook) Library for hooking on ART

##### 文章

- 2016.06 [securitygossip] [ArtHook: Callee-side Method Hook Injection on the New Android Runtime ART](http://securitygossip.com/blog/2016/06/29/2016-06-29/)

#### fasthook

##### 工具

- [**376**星][4m] [C] [turing-technician/fasthook](https://github.com/turing-technician/fasthook) Android ART Hook
- [**129**星][4m] [Java] [turing-technician/virtualfasthook](https://github.com/turing-technician/virtualfasthook) Android application hooking tool based on FastHook + VirtualApp

#### edxposed

##### 工具

- [**2236**星][4m] [Java] [elderdrivers/edxposed](https://github.com/elderdrivers/edxposed) Riru模块,试图提供一个ART挂钩框架(最初用于Android Pie),它提供与OG xpose一致的api,利用YAHFA(或SandHook)挂钩框架,支持Android 8.0 ~ 10。

#### yahfa

##### 工具

- [**764**星][25d] [Java] [pagalaxylab/yahfa](https://github.com/PAGalaxyLab/YAHFA) Yet Another Hook Framework for ART
- [**128**星][2y] [Java] [bmax121/budhook](https://github.com/bmax121/budhook) An Android hook framework written like Xposed,based on YAHFA.

##### 文章

- 2018.01 [360] [YAHFA--ART环境下的Hook框架](https://www.anquanke.com/post/id/96231/)

### Substrate

#### hooker

##### 工具

- [**372**星][29d] [Py] [androidhooker/hooker](https://github.com/androidhooker/hooker) Android应用程序动态分析。自动拦截和修改目标应用程序发出的任何API调用(利用Substrate )

***

## virtualhook

### 工具

- [**571**星][25d] [Java] [pagalaxylab/virtualhook](https://github.com/PAGalaxyLab/VirtualHook) 基于VirtualApp的Android应用Hook工具
- [**58**星][8m] [Java] [nightoftwelve/virtualhookex](https://github.com/nightoftwelve/virtualhookex) Android application hooking tool based on VirtualHook/VirtualApp

### 文章

- 2017.04 [pediy] [[原创]VirtualHook: 基于VirtualApp的Java代码hook工具](https://bbs.pediy.com/thread-216786.htm)

***

## sandhook

### 工具

- [**708**星][4m] [Java] [ganyao114/sandhook](https://github.com/ganyao114/sandhook) Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat

***

## legend

### 工具

- [**1463**星][1m] [Java] [aslody/legend](https://github.com/aslody/legend) (Android)无需Root即可Hook Java方法的框架, 支持Dalvik和Art环境

***

## xhook

### 工具

- [**1741**星][25d] [C] [iqiyi/xhook](https://github.com/iqiyi/xhook) a PLT (Procedure Linkage Table) hook library for Android native ELF

***

## androideagleeye

### 工具

- [**429**星][4y] [Makefile] [mindmac/androideagleeye](https://github.com/mindmac/androideagleeye) 一个基于xposed和adbi的模块,能够Hook Android操作系统的Java和原生方法

***

## 工具

- [**1990**星][27d] [Java] [tiann/epic](https://github.com/tiann/epic) 动态java方法AOP钩子用于Android(Dexposed on ART的延续),支持4.0~10.0
- [**1763**星][2y] [Java] [ac-pm/inspeckage](https://github.com/ac-pm/inspeckage) 使用api钩子进行动态分析,启动未导出的活动等等。(Xposed模块)
- [**789**星][2y] [C] [ele7enxxh/android-inline-hook](https://github.com/ele7enxxh/android-inline-hook) thumb16 thumb32 arm32 inlineHook in Android
- [**575**星][27d] [Java] [aslody/andhook](https://github.com/asLody/AndHook) Android dynamic instrumentation framework
- [**541**星][4m] [Java] [windysha/xpatch](https://github.com/windysha/xpatch) 个重新打包apk文件的工具,然后apk可以加载安装在设备中的任何xposed模块
- [**448**星][5y] [C++] [boyliang/allhookinone](https://github.com/boyliang/allhookinone) all method hook approachs for android such as dalvik hook, art hook, elf hook and inline hook
- [**401**星][5m] [Java] [pqpo/inputmethodholder](https://github.com/pqpo/inputmethodholder) 通过hook(InputMethodManager)监听系统键盘显示(Android)
- [**291**星][1m] [Py] [antojoseph/frida-android-hooks](https://github.com/antojoseph/frida-android-hooks) Lets you hook Method Calls in Frida ( Android )
- [**220**星][2y] [C] [gtoad/android_inline_hook](https://github.com/gtoad/android_inline_hook) 构建一个so文件来自动执行android_native_hook工作
- [**216**星][3y] [Java] [zhengmin1989/wechatsportcheat](https://github.com/zhengmin1989/wechatsportcheat) 手把手教你当微信运动第一名 – 利用Android Hook进行微信运动作弊
- [**195**星][6m] [Java] [panhongwei/androidmethodhook](https://github.com/panhongwei/androidmethodhook) android art hook like Sophix
- [**190**星][5m] [C++] [aslody/elfhook](https://github.com/aslody/elfhook) modify PLT to hook api, supported android 5\6.
- [**179**星][1m] [Java] [546669204/wechatbot-xposed](https://github.com/546669204/wechatbot-xposed) A WeChat robot unit ,based on the android xposed framework hook to implement WeChat app robot functions
- [**148**星][5m] [Java] [zhouat/inject-hook](https://github.com/zhouat/inject-hook) for android
- [**120**星][4m] [C++] [melonwxd/elfhooker](https://github.com/melonwxd/elfhooker) 兼容Android 32位和64位。基于EFL文件格式Hook的demo,hook了SurfaceFlinger进程的eglSwapBuffers函数,替换为new_eglSwapBuffers
- [**104**星][5y] [Java] [rednaga/dexhook](https://github.com/rednaga/dexhook) DexHook is a xposed module for capturing dynamically loaded dex files.
- [**99**星][2y] [Java] [piasy/fridaandroidtracer](https://github.com/piasy/fridaandroidtracer) A runnable jar that generate Javascript hook script to hook Android classes.
- [**99**星][4m] [C++] [woxihuannisja/stormhook](https://github.com/woxihuannisja/stormhook) StormHook is a Android Hook Framework for Dalvik and Art
- [**63**星][28d] [JS] [northwavenl/fridax](https://github.com/northwavenl/fridax) Fridax enables you to read variables and intercept/hook functions in Xamarin/Mono JIT and AOT compiled iOS/Android applications.
- [**56**星][1m] [Rust] [nccgroup/assethook](https://github.com/nccgroup/assethook) LD_PRELOAD magic for Android's AssetManager
- [**51**星][2m] [Py] [hrkfdn/deckard](https://github.com/hrkfdn/deckard) Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks
- [**51**星][5y] [C++] [ikoz/androidsubstrate_hookingc_examples](https://github.com/ikoz/androidsubstrate_hookingc_examples) AndroidSubstrate_hookingC_examples
- [**48**星][5m] [C] [shunix/androidgothook](https://github.com/shunix/androidgothook) GOT Hook implemented in Android
- [**42**星][29d] [C++] [chickenhook/chickenhook](https://github.com/chickenhook/chickenhook) A linux / android / MacOS hooking framework
- [**34**星][2m] [TS] [igio90/frida-onload](https://github.com/igio90/frida-onload) Frida module to hook module initializations on android
- [**25**星][3m] [C++] [dodola/dinlinehook](https://github.com/dodola/dinlinehook) simple art inline hook
- [**23**星][6m] [C++] [legendl3n/smarthooker](https://github.com/legendl3n/smarthooker) The smartest hooking library.
- [**17**星][29d] [Py] [margular/frida-skeleton](https://github.com/margular/frida-skeleton) 本项目旨在帮助安卓测试工程师更方便地hook apk,并且自带证书绑定绕过功能
- [**17**星][25d] [C++] [vito11/camerahook](https://github.com/vito11/camerahook) An prototype to hook android camera preview data of third-party and system apps
- [**15**星][2m] [Java] [pnfsoftware/jeb2-andhook](https://github.com/pnfsoftware/jeb2-andhook)
- [**2**星][4y] [Java] [nodoraiz/latchhooks](https://github.com/nodoraiz/latchhooks) Hack for Android app hooking using latch
- [**0**星][4y] [serval-snt-uni-lu/hookranker](https://github.com/serval-snt-uni-lu/hookranker) Automatically Locating Malicious Payload in Piggybacked Android Apps (A Hook Ranking Approach)
- [**None**星][C] [gtoad/android_inline_hook_arm64](https://github.com/gtoad/android_inline_hook_arm64) Build an .so file to automatically do the android_native_hook work. Supports ARM64 ! With this, tools like Xposed can do android native hook.
- [**None**星][C++] [rprop/and64inlinehook](https://github.com/rprop/and64inlinehook) Lightweight ARMv8-A(ARM64, AArch64, Little-Endian) Inline Hook Library for Android C/C++
- [**None**星][Py] [fanxs-t/android-ssl_read-write-hook](https://github.com/fanxs-t/android-ssl_read-write-hook) Hook SSL_read and SSL_write functions in the Android application with Frida.

***

## 文章

- 2019.01 [fuping] [安卓APP测试之HOOK大法-Xposed篇](https://fuping.site/2019/01/28/Xposed-Hook-SoulApp/)
- 2019.01 [pediy] [[原创]尝试着实现了一个 ART Hook](https://bbs.pediy.com/thread-249163.htm)
- 2019.01 [fuping] [安卓APP测试之HOOK大法-Frida篇](https://fuping.site/2019/01/25/Frida-Hook-SoulAPP/)
- 2019.01 [pediy] [[原创]介召几个frida在安卓逆向中使用的脚本以及延时Hook手法](https://bbs.pediy.com/thread-248848.htm)
- 2018.11 [bugbountywriteup] [Android Hook — ASIS CTF Final 2018 — Gunshops Question Walkthrough](https://medium.com/p/ae5dfe8b5df0)
- 2018.09 [pediy] [[原创]Android Hook 系列教程(二) 自己写APK实现Hook Java层函数](https://bbs.pediy.com/thread-247051.htm)
- 2018.09 [pediy] [[原创]Android Hook 系列教程(一) Xposed Hook 原理分析](https://bbs.pediy.com/thread-247030.htm)
- 2017.11 [pediy] [[原创]Epic——ART上的Dexposed(无侵入式Hook框架)](https://bbs.pediy.com/thread-222931.htm)
- 2017.08 [pediy] [[原创]StormHook:Android侵入式Hook框架](https://bbs.pediy.com/thread-220760.htm)
- 2017.06 [4hou] [AssetHook:Android应用资源数据运行时编辑工具](http://www.4hou.com/technology/5069.html)
- 2017.05 [pediy] [[原创]全能HOOK框架 JNI NATIVE JAVA ART DALVIK](https://bbs.pediy.com/thread-217587.htm)
- 2017.03 [aliyun] [浅谈Android Hook技术](https://xz.aliyun.com/t/230)
- 2017.02 [360] [使用高级反调试与反HOOK的安卓恶意ROOT软件的深度分析(二):JAVA层分析](https://www.anquanke.com/post/id/85427/)
- 2017.02 [360] [使用高级反调试与反HOOK的安卓恶意ROOT软件的深度分析(一):NATIVE层的调试](https://www.anquanke.com/post/id/85426/)
- 2017.01 [360] [hook Android系统调用的乐趣和好处](https://www.anquanke.com/post/id/85375/)
- 2017.01 [pediy] [[原创]安卓Hook函数的复杂参数如何给定?](https://bbs.pediy.com/thread-215039.htm)
- 2016.09 [pediy] [[分享]Hook Android C代码基础总结](https://bbs.pediy.com/thread-212943.htm)
- 2016.03 [sensepost] [Android hooking with Introspy](https://sensepost.com/blog/2016/android-hooking-with-introspy/)
- 2016.01 [ele7enxxh] [Android Arm Inline Hook](http://ele7enxxh.com/Android-Arm-Inline-Hook.html)
- 2016.01 [freebuf] [Android系统调用hook研究(一)](http://www.freebuf.com/articles/system/93168.html)
- 2015.12 [d3adend] [Android Anti-Hooking Techniques in Java](https://d3adend.org/blog/posts/android-anti-hooking-techniques-in-java/)
- 2015.12 [d3adend] [Android Anti-Hooking Techniques in Java](http://d3adend.org/blog/?p=589)
- 2015.11 [pediy] [[原创]开源 Android inline hook](https://bbs.pediy.com/thread-205741.htm)
- 2015.09 [pediy] [[原创]Android5.1 Art Hook 技术分享,求加精转正式会员](https://bbs.pediy.com/thread-204183.htm)
- 2015.09 [360] [手把手教你当微信运动第一名 – 利用Android Hook进行微信运动作弊](https://www.anquanke.com/post/id/82323/)
- 2015.06 [koz] [Substrate - hooking C on Android](https://koz.io/android-substrate-c-hooking/)
- 2015.05 [evilsocket] [Android Native API Hooking With Library Injection and ELF Introspection.](https://www.evilsocket.net/2015/05/04/android-native-api-hooking-with-library-injecto/)
- 2015.04 [L173864930] [Android Art Hook 技术方案](https://blog.csdn.net/L173864930/article/details/45035521)
- 2015.01 [freebuf] [使用渗透测试框架Xposed Framework hook调试Android APP](http://www.freebuf.com/articles/terminal/56453.html)
- 2015.01 [attify] [Xposed Framework for Android Hooking](http://blog.attify.com/2015/01/04/xposed-framework-android-hooking/)
- 2015.01 [attify] [Xposed Framework for Android Hooking](https://blog.attify.com/xposed-framework-android-hooking/)
- 2014.11 [ele7enxxh] [Android GOT表HOOK技术](http://ele7enxxh.com/Android-Shared-Library-Hook-With-GOT.html)
- 2014.10 [L173864930] [基于Android的ELF PLT/GOT符号重定向过程及ELF Hook实现(by 低端码农 2014.10.27)](https://blog.csdn.net/L173864930/article/details/40507359)
- 2014.10 [pediy] [[原创]基于Android的ELF PLT/GOT符号重定向过程及ELF Hook实现](https://bbs.pediy.com/thread-193720.htm)
- 2014.08 [Roland] [Android平台下Dalvik层hook框架ddi的研究](https://blog.csdn.net/Roland_Sun/article/details/38640297)
- 2014.06 [Roland] [Android平台下hook框架adbi的研究(下)](https://blog.csdn.net/Roland_Sun/article/details/36049307)
- 2014.06 [Roland] [Android平台下hook框架adbi的研究(上)](https://blog.csdn.net/Roland_Sun/article/details/34109569)
- 2014.03 [pediy] [[原创]注入安卓进程,并hook java世界的方法](https://bbs.pediy.com/thread-186054.htm)
- 2013.12 [u011069813] [Android中的so注入(inject)和挂钩(hook) - For both x86 and arm](https://blog.csdn.net/u011069813/article/details/17285009)
- 2013.11 [] [Android下通过hook技术实现透明加解密保障数据安全](http://www.91ri.org/7714.html)
- 2013.08 [jinzhuojun] [Android中的so注入(inject)和挂钩(hook) - For both x86 and arm](https://blog.csdn.net/jinzhuojun/article/details/9900105)
- 2013.07 [u011069813] [android hook api](https://blog.csdn.net/u011069813/article/details/9271851)

# 新添加

***

## Inline-Hook

### 工具

- [**277**星][3y] [C++] [gellin/teamviewer_permissions_hook_v1](https://github.com/gellin/teamviewer_permissions_hook_v1) 可注入的c++ dll,它使用裸内联连接和直接内存修改来更改您的TeamViewer权限
- [**212**星][3y] [C] [silvermoonsecurity/passivefuzzframeworkosx](https://github.com/silvermoonsecurity/passivefuzzframeworkosx) This framework is for fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode.
- [**75**星][2y] [C] [chinatiny/inlinehooklib](https://github.com/chinatiny/inlinehooklib) 同时支持用户和内核模式的Inlinehook库
- [**67**星][5y] [C] [malwaretech/basichook](https://github.com/malwaretech/basichook) x86 Inline hooking engine (using trampolines)
- [**15**星][3m] [C] [zzy590/basiclibpp](https://github.com/zzy590/basiclibpp) A powerful library for inline-hook,lock,compress etc,and it is useful for anti-virus software.
- [**14**星][2y] [C] [gtoad/android_inline_hook_arm_example](https://github.com/gtoad/android_inline_hook_arm_example)
- [**10**星][2y] [C] [gtoad/android_inline_hook_thumb_example](https://github.com/gtoad/android_inline_hook_thumb_example)
- [**4**星][2y] [C++] [wanttobeno/ade32_inlinehook](https://github.com/wanttobeno/ade32_inlinehook) 基于ADE32的inlineHook

### 文章

- 2019.06 [aliyun] [手游外挂基础篇之inline-hook](https://xz.aliyun.com/t/5397)
- 2018.11 [n0where] [Investigate Inline Hooks: PE-sieve](https://n0where.net/investigate-inline-hooks-pe-sieve)
- 2018.04 [pediy] [[原创]unity3d手游破解(三)--基于inline hook](https://bbs.pediy.com/thread-226261.htm)
- 2018.04 [pediy] [分享一个任意点hook的inlinehook库(同时支持用户和内核)](https://bbs.pediy.com/thread-225863.htm)
- 2018.04 [pediy] [[原创]inlineHook学习分析](https://bbs.pediy.com/thread-225662.htm)
- 2017.12 [pediy] [[翻译]理解/检测 Inline Hooks/ WinAPI Hooks (Ring3)](https://bbs.pediy.com/thread-223317.htm)
- 2017.12 [userpc] [理解/检测内联 Hook 和 WinAPI Hook](https://userpc.net/2017/12/03/understanding-detecting-inline-hooks-winapi-hooks-ring3/)
- 2017.07 [pediy] [dexdump 介绍](https://bbs.pediy.com/thread-218936.htm)
- 2017.06 [pediy] [[原创] 重载可执行文件实现高效inline-hook 【源码】](https://bbs.pediy.com/thread-218166.htm)
- 2016.09 [0x00sec] [User Mode Rootkits: IAT and Inline Hooking](https://0x00sec.org/t/user-mode-rootkits-iat-and-inline-hooking/1108/)
- 2015.11 [ele7enxxh] [ARM平台backtrace与inlineHook多线程安全浅析](http://ele7enxxh.com/Analysis-Of-Backtrace-And-Inline-Hook-Thread-Safety-On-The-ARM-Platform.html)
- 2015.02 [pediy] [[原创]Cydia Substrate Inline Hook若干bug修复方案](https://bbs.pediy.com/thread-197865.htm)
- 2014.12 [pediy] [[原创]inline hook 入门教程](https://bbs.pediy.com/thread-195503.htm)
- 2014.05 [pediy] [[原创]inline hook](https://bbs.pediy.com/thread-188324.htm)
- 2014.01 [pediy] [[原创]x64 ring3 inline-hook](https://bbs.pediy.com/thread-183367.htm)
- 2013.10 [pediy] [[原创]Inline hook中继函数通用汇编宏](https://bbs.pediy.com/thread-179632.htm)
- 2013.09 [debasish] [Inline API Hooking using DLL Injection](http://www.debasish.in/2013/09/inline-api-hooking-using-dll-injection.html)
- 2013.09 [pediy] [[原创]InlineHook网络数据发送接收函数(反钓鱼,反盗号)](https://bbs.pediy.com/thread-178806.htm)
- 2013.06 [pediy] [比较稳定的ring3 API HeadInline HOOK,QQ显IP。。](https://bbs.pediy.com/thread-174464.htm)
- 2013.04 [pediy] [[原创]Hide your InlineHook in Xuetr、Gmer、RKU、KD(技术解封专题)](https://bbs.pediy.com/thread-170503.htm)
- 2013.03 [pediy] [[原创]ring3下的Inline hook](https://bbs.pediy.com/thread-167042.htm)
- 2012.08 [pediy] [[原创]hook类,支持inline hook,ita hook,输出 表hook,过滤等等功能,申请加精](https://bbs.pediy.com/thread-154721.htm)
- 2012.08 [pediy] [[分享]再来一种内核 inlinehook 的隐藏方法](https://bbs.pediy.com/thread-154384.htm)
- 2012.05 [crowdstrike] [ARMv7/Thumb2 Inline Code Hooking](https://www.crowdstrike.com/blog/armv7thumb2-inline-code-hooking/)
- 2012.02 [pediy] [[原创]自己动手,制作inline hook扫描工具](https://bbs.pediy.com/thread-147059.htm)
- 2012.01 [pediy] [[原创]C++还原ring3 Inline Hook(附源码)](https://bbs.pediy.com/thread-145825.htm)
- 2011.07 [pediy] [[原创]小菜也玩inline hook -------GetWindowText](https://bbs.pediy.com/thread-137206.htm)
- 2011.05 [pediy] [[原创]发一个自己平时用的简单inlinehook的类](https://bbs.pediy.com/thread-133341.htm)
- 2011.02 [pediy] [[己解决]inline hook的恢复](https://bbs.pediy.com/thread-128924.htm)
- 2011.01 [pediy] [[原创]inline-hook和object双HOOK联合调用拒绝WIN打开服务](https://bbs.pediy.com/thread-128506.htm)
- 2010.08 [pediy] [[原创]ring0 head inline hook lib](https://bbs.pediy.com/thread-119571.htm)
- 2010.04 [pediy] [[原创]内核所有模块导出函数inlinehook检测](https://bbs.pediy.com/thread-110216.htm)
- 2010.02 [pediy] [[原创]如何InlineHook IoCallDriver来保护文件](https://bbs.pediy.com/thread-106481.htm)
- 2009.11 [pediy] [[原创]菜鸟理解的inlineHook的要点(RootkitUnhook无法检测)](https://bbs.pediy.com/thread-101825.htm)
- 2009.11 [pediy] [[原创]inlineHook的入学者的拙见](https://bbs.pediy.com/thread-101362.htm)
- 2009.09 [pediy] [[原创]详谈内核三步走Inline Hook实现](https://bbs.pediy.com/thread-98493.htm)
- 2009.09 [pediy] [[原创]绕过函数头INLINE HOOK](https://bbs.pediy.com/thread-97281.htm)
- 2009.07 [pediy] [[原创]inline hook NtQuerySystemInformation 保护进程](https://bbs.pediy.com/thread-93531.htm)
- 2009.03 [pediy] [[原创]山寨Fsd Inline Hook](https://bbs.pediy.com/thread-85020.htm)
- 2008.11 [pediy] [[原创]放个inline Hook的工程](https://bbs.pediy.com/thread-77467.htm)
- 2008.09 [pediy] [[原创]简单的双核下inline hook.r3](https://bbs.pediy.com/thread-72936.htm)
- 2008.08 [pediy] [[原创]ring3 & ring0 通用InlineHook代码(修补)](https://bbs.pediy.com/thread-71480.htm)
- 2008.07 [pediy] [[原创]Ring3下Inline Hook MessageBox(演示)](https://bbs.pediy.com/thread-69666.htm)
- 2008.05 [pediy] [[原创]简单inline hook ObReferenceObjectByHandle保护进程和屏蔽文件执行](https://bbs.pediy.com/thread-65731.htm)
- 2008.05 [pediy] [[原创]fsd inline hook](https://bbs.pediy.com/thread-64809.htm)
- 2008.05 [pediy] [[分享]inline hook NtQueryDirectoryFile](https://bbs.pediy.com/thread-64502.htm)
- 2008.04 [pediy] [[原创]inline hook和IDT hook结合](https://bbs.pediy.com/thread-63833.htm)
- 2008.04 [pediy] [[原创]inline hook未导出函数PspTerminateProcess](https://bbs.pediy.com/thread-62450.htm)
- 2008.01 [pediy] [[原创]rootkit hook之[三] inline hook](https://bbs.pediy.com/thread-59127.htm)
- 2008.01 [pediy] [[分享]射-->XP/2003/VISTA的简单INLINE HOOK](https://bbs.pediy.com/thread-58859.htm)
- 2006.07 [pediy] [[翻译]InLine Patching Protected Application By Hook API Function](https://bbs.pediy.com/thread-29594.htm)
- 2006.03 [pediy] [[转帖]kernel inline hook](https://bbs.pediy.com/thread-22707.htm)

***

## Syscall-Hook

### 工具

- [**18**星][1y] [C] [plexsolutions/readhook](https://github.com/plexsolutions/readhook) Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

### 文章

- 2016.12 [360] [Rootkit技术入门:从syscall到hook!](https://www.anquanke.com/post/id/85202/)

***

## API-Hook

### 工具

- [**509**星][1m] [C++] [0x09al/rdpthief](https://github.com/0x09al/rdpthief) Extracting Clear Text Passwords from mstsc.exe using API Hooking.
- [**315**星][4m] [C] [outflanknl/dumpert](https://github.com/outflanknl/dumpert) LSASS memory dumper using direct system calls and API unhooking.
- [**304**星][2y] [C] [nektra/deviare2](https://github.com/nektra/deviare2) Deviare API Hook
- [**136**星][4m] [C] [hoshimin/hooklib](https://github.com/hoshimin/hooklib) The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support
- [**54**星][5m] [C] [passingtheknowledge/ganxo](https://github.com/passingtheknowledge/ganxo) An opensource API hooking framework
- [**40**星][3y] [C++] [tanninone/usvfs](https://github.com/tanninone/usvfs) library using api hooking to implement process-local filesystem-independent file links.
- [**35**星][4m] [C++] [xrivendell/pcsgolh](https://github.com/xrivendell/pcsgolh) PCSGOLH - Pointless Counter-Strike: Global Offensive Lua Hooks. A open-source Lua API for CS:GO hacking written in modern C++
- [**28**星][6m] [JS] [shanselman/daskeyboard-q-nightscout](https://github.com/shanselman/daskeyboard-q-nightscout) Hooking up the DasKeyboard Q REST API to change the key colors in response to diabetic's glucose from NightScout
- [**11**星][2m] [Pascal] [oranke/proxy-dll-generator](https://github.com/oranke/proxy-dll-generator) PROXY DLL Generator / for very simple API Hooking.
- [**9**星][4y] [C++] [jonasblunck/dynhook](https://github.com/jonasblunck/dynhook) Example library for how to dynamically/statically hook/intercept unmanaged functions and APIs
- [**9**星][3m] [C++] [hidd3ncod3s/runpedmp](https://github.com/hidd3ncod3s/runpedmp) RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the API's i hook and to dump the memory while it is using RunPE/PH techniques.
- [**8**星][4m] [C++] [nybble04/shady-hook](https://github.com/nybble04/shady-hook) Hooking API calls of a Ransomware
- [**4**星][2y] [C++] [a7031x/hookapi](https://github.com/a7031x/hookapi) Handy way to hook x86 or x64 API
- [**4**星][29d] [C] [microwave89/ntapihook](https://github.com/microwave89/ntapihook) Attempt to Create a Simple and Light-weight Hook Engine Without Use of an LDE
- [**None**星][C++] [vovkos/protolesshooks](https://github.com/vovkos/protolesshooks) API monitoring via return-hijacking thunks; works without information about target function prototypes.

### 文章

- 2020.05 [apriorit] [3 Effective DLL Injection Techniques for Setting API Hooks](https://www.apriorit.com/dev-blog/679-windows-dll-injection-for-api-hooks)
- 2019.12 [trendmicro] [Waterbear is Back, Uses API Hooking to Evade Security Product Detection](https://blog.trendmicro.com/trendlabs-security-intelligence/waterbear-is-back-uses-api-hooking-to-evade-security-product-detection/)
- 2019.11 [hakin9] [RdpThief - Extracting Clear Text Passwords from mstsc.exe using API Hooking](https://hakin9.org/rdpthief-extracting-clear-text-passwords-from-mstsc-exe-using-api-hooking/)
- 2019.11 [steve] [Equifax is Nowhere Near Off the Hook and CapitalOne Should be Scared.](https://www.peerlyst.com/posts/equifax-is-nowhere-near-off-the-hook-and-capitalone-should-be-scared-steve-king)
- 2019.08 [bromium] [Agent Tesla: Evading EDR by Removing API Hooks](https://www.bromium.com/agent-tesla-evading-edr-by-removing-api-hooks/)
- 2018.04 [OALabs] [Unpacking VB6 Packers With IDA Pro and API Hooks (Re-Upload)](https://www.youtube.com/watch?v=ylWInOcQy2s)
- 2018.01 [OALabs] [Analyze JavaScript and VBScript Malware With x64dbg Debugger and API Hooking](https://www.youtube.com/watch?v=uqhBsWXUw7Q)
- 2017.06 [lallouslab] [Introducing Ganxo v0.1 – An open source API hooking framework](http://lallouslab.net/2017/06/26/introducing-ganxo-v0-1-an-open-source-api-hooking-framework/)
- 2017.05 [] [Introducing Ganxo v0.1 Alpha – An open source API hooking framework](http://0xeb.net/2017/05/introducing-ganxo-v0-1-alpha-an-open-source-api-hooking-framework/)
- 2016.12 [adelmas] [API Hooking with IDA Pro](http://adelmas.com/blog/ida_api_hooking.php)
- 2016.01 [pediy] [[原创]简单易用,并且最全,也适合初学者的API HOOK](https://bbs.pediy.com/thread-206885.htm)
- 2015.06 [pediy] [[原创][封装]简单易用的Api Hook函数 - MyApiHookFun](https://bbs.pediy.com/thread-201300.htm)
- 2014.03 [pediy] [[原创]runas自动输入密码(使用api hook实现)](https://bbs.pediy.com/thread-185411.htm)
- 2013.05 [pediy] [[原创]无需偷代码的API HOOK](https://bbs.pediy.com/thread-170800.htm)
- 2013.04 [pediy] [[原创]小菜关于VC6release版本程序无法HOOK目标API的问题的探究](https://bbs.pediy.com/thread-170774.htm)
- 2013.04 [pediy] [[求助]VC6release版本程序的HOOK函数无法实现对导入表中目标API的覆盖](https://bbs.pediy.com/thread-170694.htm)
- 2013.01 [volatility] [HowTo: Extract "Hidden" API-Hooking BHO DLLs](https://volatility-labs.blogspot.com/2013/01/howto-extract-hidden-api-hooking-bho.html)
- 2012.06 [pediy] [[原创]hookQQ-API拦截QQ聊天记录-有图有码](https://bbs.pediy.com/thread-152085.htm)
- 2012.04 [pediy] [[原创]API HOOK 辅助工具(开源)](https://bbs.pediy.com/thread-149895.htm)
- 2012.02 [pediy] [[原创]API HOOK限制指定目录下的程序创建进程](https://bbs.pediy.com/thread-146878.htm)
- 2012.02 [vxsecurity] [ApiMapSet Hooking (short guide)](http://www.vxsecurity.sg/2012/02/14/apimapset-hooking-short-guide/)
- 2011.06 [pediy] [[翻译]API hooking revealed(自己翻译的)](https://bbs.pediy.com/thread-136091.htm)
- 2011.02 [codereversing] [API Hooking Through Near Call Replacement](http://www.codereversing.com/blog/archives/69)
- 2010.11 [pediy] [[原创]HOOK API 入门讲解, 高手请飘过](https://bbs.pediy.com/thread-124355.htm)
- 2010.10 [pediy] [[原创]打造史上最完整APIHOOK完整开发库](https://bbs.pediy.com/thread-122411.htm)
- 2010.09 [pediy] [[原创]关于壳中APIHOOK的一点点解析](https://bbs.pediy.com/thread-120750.htm)
- 2010.07 [pediy] [[原创]Ring3层Native API hook 的实现](https://bbs.pediy.com/thread-116630.htm)
- 2010.06 [pediy] [[原创][更新]Extreme HookEngine——Ring3 API Hook 静态库](https://bbs.pediy.com/thread-115739.htm)
- 2009.05 [pediy] [[原创]HOOK API续之模拟覆盖法 实例 AntiDesktop](https://bbs.pediy.com/thread-90303.htm)
- 2009.05 [pediy] [[原创]dll 全局api hook 一例(附代码)](https://bbs.pediy.com/thread-90109.htm)
- 2009.04 [pediy] [[分享]Delphi的LPK的APIHOOK源码](https://bbs.pediy.com/thread-87258.htm)
- 2009.04 [pediy] [[原创]简单hook api 的实现](https://bbs.pediy.com/thread-85719.htm)
- 2008.09 [evilcodecave] [Fast ApiSpy (of DeviceIoControl) via oSpy2 Defined Hook](https://evilcodecave.wordpress.com/2008/09/06/fast-apispy-of-deviceiocontrol-via-ospy2-defined-hook/)
- 2008.08 [pediy] [[原创]汇编ring3下实现HOOK API续之模拟覆盖法](https://bbs.pediy.com/thread-70987.htm)
- 2008.06 [pediy] [[原创]扫盲之Api Hook 细析(一)](https://bbs.pediy.com/thread-66148.htm)
- 2008.04 [pediy] [[原创]Hook Api Library 0.2[Ring0]& LDE32引擎[Ring0] For Delphi](https://bbs.pediy.com/thread-63986.htm)
- 2008.04 [pediy] [[原创]Hook Api lib 0.5 - 2008.04.16更新](https://bbs.pediy.com/thread-63212.htm)
- 2008.01 [pediy] [[原创]Hook Api lib 0.4 for C](https://bbs.pediy.com/thread-58101.htm)
- 2007.11 [pediy] [[原创]HookApi中学习PE文件格式(二)[原创]](https://bbs.pediy.com/thread-54960.htm)
- 2007.11 [pediy] [[原创]HookApi中学习PE文件格式(一)[原创]](https://bbs.pediy.com/thread-54930.htm)
- 2007.11 [pediy] [[原创]一个纯汇编写的Hook API的例子!!!](https://bbs.pediy.com/thread-54198.htm)
- 2007.09 [pediy] [[原创]汇编ring3下实现HOOK API续之备份函数法 (非安全 )](https://bbs.pediy.com/thread-51685.htm)
- 2007.08 [pediy] [[分享]HOOK API LIB 0.3 for VC](https://bbs.pediy.com/thread-50493.htm)
- 2007.08 [pediy] [[分享]API Hook程序](https://bbs.pediy.com/thread-48984.htm)
- 2007.07 [pediy] [[原创]关于RegisterUserApiHook](https://bbs.pediy.com/thread-48437.htm)
- 2007.07 [pediy] [[原创]hook api 反OD调试的一种思路](https://bbs.pediy.com/thread-48413.htm)
- 2007.07 [pediy] [[原创]Anti HookAPI学习笔记](https://bbs.pediy.com/thread-47605.htm)
- 2007.05 [pediy] [HookAPI 1.62](https://bbs.pediy.com/thread-45079.htm)
- 2007.05 [pediy] [[原创]汇编ring3下实现HOOK API续之备份函数法](https://bbs.pediy.com/thread-44318.htm)
- 2007.03 [pediy] [[分享]西裤哥的 Hook Api Lib 0.2 For C](https://bbs.pediy.com/thread-41387.htm)
- 2007.02 [trendmicro] [GOOGLE AJAX API Hooked](https://blog.trendmicro.com/trendlabs-security-intelligence/google-ajax-api-hooked/)
- 2007.01 [pediy] [[原创]API-HOOK and ANTI-API-HOOK For Ring3](https://bbs.pediy.com/thread-37586.htm)
- 2006.12 [pediy] [[分享]HOOK API Lib 0.1 For Delphi](https://bbs.pediy.com/thread-35953.htm)
- 2006.12 [pediy] [.........关于绕行HOOK ,跳过API拦截的讨论..........](https://bbs.pediy.com/thread-35752.htm)
- 2006.09 [pediy] [纯Delphi实现,Hook API实现进程隐藏代码!](https://bbs.pediy.com/thread-31428.htm)
- 2006.07 [pediy] [汇编ring3下实现HOOK API[原创]](https://bbs.pediy.com/thread-28895.htm)
- 2006.03 [pediy] [[转帖]HOOK其他进程API和全局HOOK-API](https://bbs.pediy.com/thread-22337.htm)
- 2006.03 [pediy] [[转帖] 修改IAT,HOOK API](https://bbs.pediy.com/thread-22336.htm)
- 2006.03 [pediy] [[转帖]覆盖地址HOOK API](https://bbs.pediy.com/thread-22334.htm)
- 2005.08 [pediy] [ApiHook,InjectDll 单元及其应用 [Delphi代码]](https://bbs.pediy.com/thread-16088.htm)
- 2005.08 [pediy] [Hook API lib (含源码)](https://bbs.pediy.com/thread-16061.htm)

***

## Un-Hook

### 工具

- [**128**星][2y] [C] [cylancevulnresearch/reflectivedllrefresher](https://github.com/cylancevulnresearch/reflectivedllrefresher) Universal Unhooking
- [**23**星][6m] [C++] [apriorit/simple-antirootkit-sst-unhooker](https://github.com/apriorit/simple-antirootkit-sst-unhooker) This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks

### 文章

- 2017.03 [cylance] [Cylance vs. Universal Unhooking Attack](https://www.cylance.com/en_us/blog/cylance-vs-universal-unhooking.html)
- 2017.03 [4hou] [如何使用Unhook技术绕过安全软件的防护?](http://www.4hou.com/technology/3666.html)
- 2017.02 [cylance] [Universal Unhooking: Blinding Security Software](https://www.cylance.com/en_us/blog/universal-unhooking-blinding-security-software.html)

***

## 工具

- [**302**星][29d] [Py] [boppreh/mouse](https://github.com/boppreh/mouse) Hook and simulate global mouse events in pure Python
- [**220**星][2y] [C++] [bromiumlabs/packerattacker](https://github.com/bromiumlabs/packerattacker) C++ application that uses memory and code hooks to detect packers
- [**219**星][4m] [C] [silight-jp/mactype-patch](https://github.com/silight-jp/mactype-patch) MacType Patch for DirectWrite Hook
- [**202**星][6m] [ObjC] [lmsgsendnilself/hookstatistics](https://github.com/lmsgsendnilself/hookstatistics) Logging args based on AOP(Aspectoriented programming)by Method Swizzling
- [**175**星][27d] [C] [kubo/funchook](https://github.com/kubo/funchook) Hook function calls by inserting jump instructions at runtime
- [**151**星][6m] [C] [zmrbak/pcwechathook](https://github.com/zmrbak/pcwechathook) 云课堂《2019 PC微信 探秘》示例代码
- [**150**星][28d] [C] [vmcall/dxgkrnl_hook](https://github.com/vmcall/dxgkrnl_hook) C++ graphics kernel subsystem hook
- [**144**星][2m] [Py] [ethanhs/pyhooked](https://github.com/ethanhs/pyhooked) Pure Python hotkey hook, with thanks to pyHook and pyhk
- [**141**星][6m] [C++] [hasherezade/iat_patcher](https://github.com/hasherezade/iat_patcher) Persistent IAT hooking application - based on bearparser
- [**140**星][30d] [Py] [safebreach-labs/pyekaboo](https://github.com/safebreach-labs/pyekaboo) Proof-of-concept program that is able to to hijack/hook/proxy Python module(s) thanks to $PYTHONPATH variable
- [**139**星][10m] [C#] [unknownv2/corehook](https://github.com/unknownv2/corehook) A library that simplifies intercepting application function calls using managed code and the .NET Core runtime
- [**132**星][2y] [C++] [m0n0ph1/iat-hooking-revisited](https://github.com/m0n0ph1/iat-hooking-revisited) Import address table (IAT) hooking is a well documented technique for intercepting calls to imported functions.
- [**128**星][9m] [Go] [bshuster-repo/logrus-logstash-hook](https://github.com/bshuster-repo/logrus-logstash-hook)
- [**125**星][1m] [C] [gdabah/distormx](https://github.com/gdabah/distormx) The ultimate hooking library
- [**118**星][29d] [JS] [skepticfx/hookish](https://github.com/skepticfx/hookish) Hooks in to interesting functions and helps reverse the web app faster.
- [**116**星][2m] [Go] [mattbostock/go-ldpreload-backdoor](https://github.com/mattbostock/go-ldpreload-backdoor) LD_PRELOAD libc hooking using Go
- [**114**星][2m] [Ruby] [spiderlabs/beef_injection_framework](https://github.com/spiderlabs/beef_injection_framework) Inject beef hooks into HTTP traffic and track hooked systems from cmdline
- [**110**星][2m] [C] [hc0d3r/sudohulk](https://github.com/hc0d3r/sudohulk) 使用ptraceHook系统调用execve, 监控并修改sudo命令的参数
- [**109**星][1m] [Py] [eset/vba-dynamic-hook](https://github.com/eset/vba-dynamic-hook) dynamically analyzes VBA macros inside Office documents by hooking function calls
- [**109**星][4m] [Py] [infertux/zeyple](https://github.com/infertux/zeyple) Postfix filter/hook to automatically encrypt outgoing emails with PGP/GPG
- [**106**星][2m] [Java] [pqpo/methodhook](https://github.com/pqpo/methodhook) hook java methods
- [**105**星][1m] [Py] [c0demap/codemap](https://github.com/c0demap/codemap) Hook IDA,调试命中断点时将寄存器/内存信息保存到数据库,在web浏览器中查看
- [IDA插件](https://github.com/c0demap/codemap/blob/master/idapythonrc.py)
- [Web服务器](https://github.com/c0demap/codemap/tree/master/codemap/server)
- [**99**星][4y] [C] [ionescu007/hookingnirvana](https://github.com/ionescu007/hookingnirvana) Recon 2015 Presentation from Alex Ionescu
- [**96**星][8m] [C++] [dzzie/vs_libemu](https://github.com/dzzie/vs_libemu) Visual Studio 2008 port of the libemu library that includes scdbg.exe, a modification of the sctest project, that includes more hooks, interactive debugging, reporting features, and ability to work with file format exploit shellcode.
- [**93**星][2m] [JS] [oalabs/frida-wshook](https://github.com/oalabs/frida-wshook) Script analysis tool based on Frida.re
- [**89**星][2m] [C] [xpn/ssh-inject](https://github.com/xpn/ssh-inject) A ptrace POC by hooking SSH to reveal provided passwords
- [**88**星][6y] [C] [chokepoint/crypthook](https://github.com/chokepoint/crypthook) TCP/UDP symmetric encryption tunnel wrapper
- [**88**星][4m] [R] [lorenzwalthert/precommit](https://github.com/lorenzwalthert/precommit) pre-commit hooks for R projects
- [**83**星][2m] [Py] [enigmabridge/certbot-external-auth](https://github.com/enigmabridge/certbot-external-auth) Certbot external DNS, HTTP, TLSSNI domain validation plugin with JSON output and scriptable hooks, with Dehydrated compatibility
- [**83**星][1m] [C] [smealum/udsploit](https://github.com/smealum/udsploit) UDS exploit + kernel hooks for 11.3
- [**82**星][2m] [JS] [pnigos/hookjs](https://github.com/pnigos/hookjs) javascript function hook
- [**79**星][2m] [C++] [cseagle/collabreate](https://github.com/cseagle/collabreate) Hook IDA的事件通知,将事件涉及的修改内容广播到中心服务器,中心服务器转发给其他分析相同文件的用户
- [**79**星][29d] [Pascal] [delphilite/delphihookutils](https://github.com/delphilite/delphihookutils) Delphi Hooking Library by Lsuper
- [**77**星][1m] [C] [dodola/fbhookfork](https://github.com/dodola/fbhookfork) 从 fb 的 profilo 项目里提取出来的hook 库,自己用
- [**76**星][29d] [C++] [secrary/hooking-via-instrumentationcallback](https://github.com/secrary/hooking-via-instrumentationcallback) codes for my blog post:
- [**75**星][2y] [C++] [hrbust86/hookmsrbysvm](https://github.com/hrbust86/hookmsrbysvm) hook msr by amd svm
- [**73**星][1m] [C] [nektra/vtbl-ida-pro-plugin](https://github.com/nektra/vtbl-ida-pro-plugin) Identifying Virtual Table Functions using VTBL IDA Pro Plugin + Deviare Hooking Engine
- [**71**星][30d] [C++] [petrgeorgievsky/gtarenderhook](https://github.com/petrgeorgievsky/gtarenderhook) GTA SA rendering hook
- [**71**星][2m] [C] [zyantific/zyan-hook-engine](https://github.com/zyantific/zyan-hook-engine) Advanced x86/x86-64 hooking library (WIP).
- [**69**星][1y] [Java] [bolexliu/apptrack](https://github.com/bolexliu/apptrack) Xposed HookAPP逆向跟踪工具,跟踪Activity与Fragment启动信息等
- [**66**星][7y] [C] [chokepoint/jynx2](https://github.com/chokepoint/jynx2) JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
- [**64**星][5m] [C++] [changeofpace/mouhidinputhook](https://github.com/changeofpace/mouhidinputhook) MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices without modifying the mouse device stacks.
- [**63**星][5m] [C++] [urshadow/urmem](https://github.com/urshadow/urmem) C++11 cross-platform library for working with memory (hooks, patches, pointer's wrapper, signature scanner etc.)
- [**60**星][5m] [C] [respeak/ts3hook](https://github.com/respeak/ts3hook) Teamspeak 3 Hook
- [**60**星][2m] [Makefile] [genuinetools/upmail](https://github.com/genuinetools/upmail) Email notification hook for
- [**60**星][4m] [C#] [indieteur/globalhooks](https://github.com/indieteur/globalhooks) Allows you to create global keyboard events
- [**59**星][3m] [C] [codectile/paradise](https://github.com/codectile/paradise) x86/x86-64 hooking library
- [**58**星][2m] [Ruby] [jbjonesjr/letsencrypt-manual-hook](https://github.com/jbjonesjr/letsencrypt-manual-hook) Allows you to use dehydrated (a Let's Encrypt/Acme Client) and DNS challenge response with a DNS provider that requires manual intervention
- [**57**星][1m] [Swift] [unixzii/swiftui-hooks](https://github.com/unixzii/swiftui-hooks) A PoC for implementing hooks in SwiftUI
- [**55**星][5y] [C++] [malwaretech/fsthook](https://github.com/malwaretech/fsthook) A library for intercepting native functions by hooking KiFastSystemCall
- [**54**星][2y] [Py] [stormshadow07/beef-over-wan](https://github.com/stormshadow07/beef-over-wan) Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
- [**53**星][2y] [C] [chen-charles/pedetour](https://github.com/chen-charles/pedetour) modify binary Portable Executable to hook its export functions
- [**52**星][4y] [C] [zhuhuibeishadiao/pfhook](https://github.com/zhuhuibeishadiao/pfhook) Page fault hook use ept (Intel Virtualization Technology)
- [**51**星][4y] [breakingmalwareresearch/captain-hook](https://github.com/breakingmalwareresearch/captain-hook)
- [**48**星][6m] [Java] [greywolf007/mobileq750hook](https://github.com/greywolf007/mobileq750hook) MobileQ750Hook
- [**48**星][2m] [C] [jay/gethooks](https://github.com/jay/gethooks) GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.
- [**47**星][27d] [Py] [safebreach-labs/backdoros](https://github.com/safebreach-labs/backdoros) backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.
- [**45**星][2y] [C++] [coltonon/reghookex](https://github.com/coltonon/reghookex) External mid-function hooking method to retrieve register data
- [**44**星][1m] [C] [l1nuxdotfun/spacehook](https://github.com/l1nuxdotfun/spacehook) minecraft premium undeteck cheat!
- [**42**星][1y] [C] [dzzie/hookexplorer](https://github.com/dzzie/hookexplorer) technical tool to analyze a process trying to find various types of runtime hooks. Interface and output is geared torwards security experts. Average users wont be able to decipher its output.
- [**41**星][9y] [C++] [cr4sh/ptbypass-poc](https://github.com/cr4sh/ptbypass-poc) Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.
- [**41**星][5m] [JS] [gaoding-inc/runtime-hooks](https://github.com/gaoding-inc/runtime-hooks)
- [**41**星][3m] [Py] [killswitch-gui/lterm](https://github.com/killswitch-gui/lterm) lterm is a small script built to install a bash hook for full terminal logging.
- [**41**星][4m] [C] [ntraiseharderror/antihook](https://github.com/ntraiseharderror/antihook) PoC designed to evade userland-hooking anti-virus.
- [**39**星][1m] [C] [dodola/traphook](https://github.com/dodola/traphook)
- [**38**星][27d] [C++] [ganyao114/sandboxhookplugin](https://github.com/ganyao114/sandboxhookplugin) demo for inject & hook in sandbox
- [**36**星][1m] [C] [harvie/libpurple-core-answerscripts](https://github.com/harvie/libpurple-core-answerscripts) Most-hackable Pidgin plugin! Framework for hooking scripts to respond received messages for various libpurple clients such as pidgin or finch
- [**36**星][2y] [C#] [roshly/ayyhook-loader](https://github.com/roshly/ayyhook-loader) A Free Open Source Cheat Loader
- [**35**星][2y] [C++] [nickcano/reloadlibrary](https://github.com/nickcano/reloadlibrary) A quick-and-dirty anti-hook library proof of concept.
- [**34**星][6m] [Py] [eset/volatility-browserhooks](https://github.com/eset/volatility-browserhooks) Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
- [**33**星][2m] [JS] [gr2m/before-after-hook](https://github.com/gr2m/before-after-hook) wrap methods with before/after hooks
- [**32**星][5m] [idkwim/frooksinatra](https://github.com/idkwim/frooksinatra) POC of sysenter x64 LSTAR MSR hook
- [**32**星][2m] [C++] [rokups/hooker](https://github.com/rokups/hooker) Minimalistic hooking library written in C
- [**32**星][7m] [ObjC] [zjjno/interface-inspector-hook](https://github.com/zjjno/interface-inspector-hook) Interface Inspector破解
- [**31**星][7m] [C++] [ayuto/dynamichooks](https://github.com/ayuto/dynamichooks) A C++ library to create function hooks dynamically, so you can easily embed it into other programming languages..
- [**31**星][5m] [C++] [hoangprod/leospecial-veh-hook](https://github.com/hoangprod/leospecial-veh-hook) Vectored Exception Handling Hooking Class
- [**30**星][4y] [C] [scorchsecurity/toast](https://github.com/scorchsecurity/toast) User-mode hook bypassing method
- [**30**星][1y] [ObjC] [nododo/hookdouyin](https://github.com/nododo/hookdouyin) iOS逆向:如何让抖音自动播放下一个视频(懒人癌)
- [**29**星][26d] [Kotlin] [godtoy/wework-hook-example](https://github.com/godtoy/wework-hook-example) 企业微信xposed-hook,企业微信Hook,消息收发,自动爆粉
- [**29**星][2m] [C] [robotn/gohook](https://github.com/robotn/gohook) GoHook, Go global keyboard and mouse hook
- [**28**星][3y] [Py] [tr3jer/autohookspider](https://github.com/tr3jer/autohookspider) 将自动爬虫的结果判断是否属于hooks,并不断抓取url爬啊爬。
- [**27**星][1m] [Java] [mx-futhark/hook-any-text](https://github.com/mx-futhark/hook-any-text) The goal of this project is to provide an alternative to well established text hookers, whose features are restrained to a certain number of game engines and emulators.
- [**27**星][2m] [C++] [strobejb/sslhook](https://github.com/strobejb/sslhook) OpenSSL hooking
- [**27**星][1m] [C++] [aixxe/cstrike-basehook-linux](https://github.com/aixxe/cstrike-basehook-linux) Internal project base for Counter-Strike: Source on Linux.
- [**27**星][30d] [Shell] [kintoandar/pre-commit](https://github.com/kintoandar/pre-commit) pre-commit hook terraform; pre-commit hook prometheus
- [**26**星][3y] [C++] [ilyatk/hookengine](https://github.com/ilyatk/hookengine)
- [**26**星][3m] [C#] [nytrorst/hookme](https://github.com/nytrorst/hookme) Exported from
- [**25**星][3y] [C++] [bronzeme/ssdt_hook_x64](https://github.com/bronzeme/ssdt_hook_x64)
- [**25**星][2m] [Py] [esss/hookman](https://github.com/esss/hookman) A plugin management system in python to applications (in totally or partially) written in C++.
- [**25**星][1m] [Py] [rbeuque74/letsencrypt-ovh-hook](https://github.com/rbeuque74/letsencrypt-ovh-hook) Let's Encrypt hook for DNS validation for OVH domains
- [**24**星][6y] [C] [jyang772/hideprocesshookmdl](https://github.com/jyang772/hideprocesshookmdl) A simple rootkit to hide a process
- [**23**星][6m] [Java] [jackuhan/loginhook](https://github.com/jackuhan/loginhook) xposed的hook案例
- [**22**星][3m] [C#] [reloaded-project/reloaded.hooks](https://github.com/reloaded-project/reloaded.hooks) Advanced native function hooks for x86, x64. Welcome to the next level!
- [**21**星][1y] [C#] [michel-pi/lowlevelinput.net](https://github.com/michel-pi/lowlevelinput.net) A thread safe and event driven LowLevelMouse and LowLevelKeyboard Hook
- [**21**星][5m] [ObjC] [zjjno/cornerstonehook](https://github.com/zjjno/cornerstonehook) Cornerstone破解
- [**20**星][1m] [Py] [orndorffgrant/bnhook](https://github.com/orndorffgrant/bnhook) binary ninja plugin for adding custom hooks to executables
- [**20**星][6y] [C] [tongzeyu/hooksysenter](https://github.com/tongzeyu/hooksysenter) hook sysenter,重载内核,下硬件断点到debugport,防止debugport清零
- [**20**星][4m] [Swift] [kealdishx/swiftloadhook](https://github.com/kealdishx/SwiftLoadHook) Use a hack way to achieve similar functions as Load() or initialize() in OC
- [**19**星][29d] [JS] [cynops/frida-hooks](https://github.com/cynops/frida-hooks)
- [**17**星][2y] [JS] [compewter/whoof](https://github.com/compewter/whoof) Web Browser Hooking Framework. Manage, execute and assess web browser vulnerabilities
- [**17**星][3y] [C] [zhuhuibeishadiao/kernelhooksdetection_x64](https://github.com/zhuhuibeishadiao/kernelhooksdetection_x64) x64 Kernel Hooks Detection
- [**16**星][3m] [C] [osrdrivers/penter](https://github.com/osrdrivers/penter) penter hook example and driver time recorder
- [**15**星][4y] [C++] [gfreivasc/vmthook](https://github.com/gfreivasc/vmthook) Virtual Method Table Hook
- [**14**星][2m] [C] [hasherezade/loaderine](https://github.com/hasherezade/loaderine) A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
- [**14**星][5m] [C] [manicstreetcoders/appinitglobalhooks-mimikatz](https://github.com/manicstreetcoders/appinitglobalhooks-mimikatz) Hide Mimikatz From Process Lists
- [**14**星][28d] [JS] [duolingo/pre-commit-hooks](https://github.com/duolingo/pre-commit-hooks) Standardizing our code quality tooling
- [**12**星][7m] [C++] [mgeeky/prc_xchk](https://github.com/mgeeky/prc_xchk) User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.
- [**11**星][7m] [C] [david-reguera-garcia-dreg/emuhookdetector](https://github.com/david-reguera-garcia-dreg/emuhookdetector) hook detector using emulation and comparing static with dynamic outputs
- [**11**星][1y] [C++] [scorbutics/iathook](https://github.com/scorbutics/iathook) A library that allows hook any imported function from the IAT (works only in x64)
- [**10**星][9m] [ObjC] [elegantliar/wechathook](https://github.com/ElegantLiar/WeChatHook) iOS非越狱 逆向微信实现防撤回, 修改步数
- [**10**星][3m] [C] [u2400/libc_hook_demo](https://github.com/u2400/libc_hook_demo) 一个HIDS agent端的demo
- [**9**星][9m] [C++] [david-grs/mtrace](https://github.com/david-grs/mtrace) simple c++ hooks around malloc/realloc/free
- [**8**星][10m] [coolervoid/bank_mitigations](https://github.com/coolervoid/bank_mitigations) Anti keylogger, anti screen logger... Strategy to protect with hookings or improve your sandbox with spyware detection... - Demo
- [**8**星][2m] [C++] [cyrex1337/hook.lib](https://github.com/cyrex1337/hook.lib) easy detour-, vftable-, iat- and eathooking
- [**8**星][2m] [C] [david-reguera-garcia-dreg/cgaty](https://github.com/david-reguera-garcia-dreg/cgaty) Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition
- [**8**星][3y] [C] [hollydi/ring0hook](https://github.com/hollydi/ring0hook)
- [**8**星][1y] [Swift] [zhangkn/hookingcmethods](https://github.com/zhangkn/hookingcmethods) Hooking & Executing Code with dlopen & dlsym ---Easy mode:hooking C methods
- [**7**星][1y] [C++] [codereversing/sehveh_hook](https://github.com/codereversing/sehveh_hook) Hooking functions with structured and vectored exception handling
- [**7**星][3y] [Java] [fuhuiliu/xposedhooktarget](https://github.com/fuhuiliu/xposedhooktarget) Xposed 插件基础开发之Hook目标
- [**7**星][8y] [C++] [wyyqyl/hookiat](https://github.com/wyyqyl/hookiat)
- [**6**星][6y] [C#] [aristocat/keyhook](https://github.com/aristocat/keyhook) A C# library for general hot keys.
- [**6**星][5m] [Java] [lailune/slrrmultiplayer](https://github.com/lailune/slrrmultiplayer) Street Legal: Redline hook-based Multiplayer modification
- [**4**星][3y] [C++] [blaquee/apchook](https://github.com/blaquee/apchook) hooking KiUserApcDispatcher
- [**4**星][2y] [ObjC] [corzfree/hookwx](https://github.com/corzfree/hookwx) 逆向工具
- [**4**星][2y] [C++] [m0rtale/universal-wndproc-hook](https://github.com/m0rtale/universal-wndproc-hook) Universal WndProc Hook for x86 and x64
- [**4**星][1y] [C] [nikolait/chess-com-cheat](https://github.com/nikolait/chess-com-cheat) Library that hooks into PR_Write() and PR_Read() in firefox processes and manipulates WebSocket Messages to cheat on chess.com
- [**4**星][6y] [C++] [simonberson/chromeurlsniffer](https://github.com/simonberson/chromeurlsniffer) Hook to Chrome Browser URL and show the current URL on simple textbox
- [**3**星][2y] [ObjC] [susnmos/xituhook](https://github.com/susnmos/xituhook) 逆向分析及修复稀土掘金iOS版客户端闪退bug
- [**2**星][4m] [Py] [swarren/uboot-test-hooks](https://github.com/swarren/uboot-test-hooks) Example "hook" scripts for the U-Boot test framework
- [**2**星][2y] [C] [synestraa/archultimate.hooklib](https://github.com/synestraa/archultimate.hooklib) ArchUltimate hook library
- [**2**星][2m] [C] [carlomara/qemu-ioctl-hooks](https://github.com/carlomara/qemu-ioctl-hooks) Code samples for blog post
- [**1**星][1y] [TS] [larkintuckerllc/hello-hooks](https://github.com/larkintuckerllc/hello-hooks)
- [**1**星][1y] [C++] [smore007/remote-iat-hook](https://github.com/smore007/remote-iat-hook) Remote IAT hook example. Useful for code injection
- [**1**星][2y] [ObjC] [wpstarnice/hookstatistics](https://github.com/wpstarnice/hookstatistics)
- [**1**星][2y] [C++] [zuhhcsg0/nebulahook](https://github.com/zuhhcsg0/nebulahook)
- [**1**星][2y] [C] [chocolateboy/b-hooks-op-annotation](https://github.com/chocolateboy/b-hooks-op-annotation) A Perl module which allows XS modules to annotate and delegate hooked OPs
- [**1**星][5m] [C++] [fireboyd78/d3hook](https://github.com/fireboyd78/d3hook) The magnificent hooking framework for Driv3r.
- [**0**星][1y] [Rust] [badboy/travis-after-all-rs](https://github.com/badboy/travis-after-all-rs) The missing `after_all_success` hook for Travis
- [**0**星][2y] [C] [cblack-r7/hashcat-hook](https://github.com/cblack-r7/hashcat-hook) A few LD_PRELOAD hooks to fix specific issues with hashcat
- [**0**星][2y] [Py] [ciscose/sparkhelper](https://github.com/ciscose/sparkhelper) A few of functions that help with checking that your bot is being used by an approved organization and for verifying the signature of a web hook request.
- [**0**星][2y] [JS] [yazeedb/responsive-fdt2-hooks](https://github.com/yazeedb/responsive-fdt2-hooks) Created with CodeSandbox
- [**0**星][10m] [zhulmin/iosapphook](https://github.com/zhulmin/iosapphook) iOS 逆向开发学习笔记
- [**0**星][1y] [shell] [keychest/certbot-hooks](https://gitlab.com/keychest/certbot-hooks)
- [**0**星][5y] [Py] [nikseetharaman/grapplinghook](https://github.com/nikseetharaman/grapplinghook) Open Source 802.11 Direction Finder
- [**None**星][C] [tandasat/uefivarmonitor](https://github.com/tandasat/uefivarmonitor) The runtime DXE driver monitoring access to the UEFI variables by hooking the runtime service table.
- [**None**星][C] [shoumikhin/elf-hook](https://github.com/shoumikhin/elf-hook) ELF shared library import table patching for function redirection.

***

## 文章

- 2020.02 [zoom] [‘We Were Hooked From Day One’: How Zoom, Zoom Rooms Helped Save the Children Transform Communications](https://blog.zoom.us/wordpress/2020/02/28/zoom-save-the-children-transform-communications/)
- 2020.02 [cqureacademy] [[RSA USA 2020] Explore Adventures in the Underland: Forensic Techniques Against Hackers Evading the Hook](https://cqureacademy.com/blog/other/rsa-usa-2020-explore-adventures-in-the-underland-forensic-techniques-against-hackers-evading-the-hook)
- 2020.01 [WarrantyVoider] [RE with WV - Episode #8 Taking over functions with detouring/hooking](https://www.youtube.com/watch?v=GfN5fCf7tGU)
- 2019.12 [aliyun] [关于通过Topchunk覆写Free_hook方法介绍](https://xz.aliyun.com/t/7020)
- 2019.10 [aliyun] [pwn学习系列之Extend the chunk及realloc_hook利用](https://xz.aliyun.com/t/6559)
- 2019.08 [webroot] [Cyber News Rundown: Hookup App Exposes Users](https://www.webroot.com/blog/2019/08/16/cyber-news-rundown-hookup-app-exposes-users/)
- 2019.07 [0x00sec] [Hooking in x64 bits](https://0x00sec.org/t/hooking-in-x64-bits/14940)
- 2019.06 [aliyun] [前端Sandbox hook toString的一点思路](https://xz.aliyun.com/t/5353)
- 2019.05 [logrocket] [How to migrate from HOCs to Hooks](https://medium.com/p/d0f7675fd600)
- 2019.05 [codeinsecurity] [Using uMod Patcher to create new hooks for Rust (the game)](https://codeinsecurity.wordpress.com/2019/05/14/using-umod-patcher-to-create-new-hooks-for-rust-the-game/)
- 2019.04 [logrocket] [Experimental Node.js: testing the new performance hooks](https://medium.com/p/31fcdd2a747e)
- 2019.04 [malware] [2019-04-03 - QUICK POST: HOOKADS CAMPAIGN RIG EK SENDS AZORULT](http://malware-traffic-analysis.net/2019/04/03/index.html)
- 2019.03 [0x00sec] [Defeating Userland Hooks (ft. Bitdefender)](https://0x00sec.org/t/defeating-userland-hooks-ft-bitdefender/12496/)
- 2019.03 [illuminati] [Why does EpicGamesLauncher hook into every process on my machine? (and keep them open after they close?)](https://illuminati.services/2019/03/20/why-does-epicgameslauncher-hook-into-every-process-on-my-machine-and-keep-them-open-after-they-close/)
- 2019.02 [malware] [2019-02-28 - FALLOUT EK FROM HOOKADS CAMPAIGN](http://malware-traffic-analysis.net/2019/02/28/index.html)
- 2019.02 [Fig] [Hookshotless GTG](https://www.youtube.com/watch?v=awxiJwEA-qs)
- 2019.02 [kaspersky] [How pirates hook gamers](https://www.kaspersky.com/blog/how-pirates-hook-gamers/25634/)
- 2019.01 [fsx30] [Bypass EDR’s memory protection, introduction to hooking](https://medium.com/p/2efb21acffd6)
- 2019.01 [fsx30] [Vectored Exception Handling, Hooking Via Forced Exception](https://medium.com/p/f888754549c6)
- 2019.01 [malware] [2019-01-10 - HOOKADS CAMPAIGN RIG EK PUSHES VIDAR](http://malware-traffic-analysis.net/2019/01/10/index2.html)
- 2019.01 [malware] [2019-01-04 - HOOKADS CAMPAIGN RIG EK PUSHES SMOKELOADER](http://malware-traffic-analysis.net/2019/01/04/index2.html)
- 2018.12 [pediy] [[原创]关于微信聊天机器人的半hook半协议研究](https://bbs.pediy.com/thread-248389.htm)
- 2018.11 [pediy] [[原创]攻破国内某大型app抓包hook签名检测,居然只是想替它实现懒人自动下一条视频播放?](https://bbs.pediy.com/thread-247997.htm)
- 2018.11 [traffic] [[2018-11-22] HookAds->FalloutEK->KPOT](https://traffic.moe/2018/11/22/index.html)
- 2018.11 [traffic] [[2018-11-21] HookAds->FalloutEK->AZORult->NetWireRAT](https://traffic.moe/2018/11/21/index.html)
- 2018.11 [nao] [HookAds->FalloutEK pushes Nocturnal Stealer, And new GlobeImposter](https://www.nao-sec.org/2018/11/hookads-fallout-ek-pushes-nocturnal.html)
- 2018.11 [traffic] [[2018-11-10] HookAds->FalloutEK->Vidar->GlobeImposter](https://traffic.moe/2018/11/10/index.html)
- 2018.11 [pediy] [[原创]快过年了,最暴力的微信骰子作弊方法(附分析过程),不是hook~~~](https://bbs.pediy.com/thread-247685.htm)
- 2018.11 [traffic] [[2018-11-08] HookAds->FalloutEK->DanaBot](https://traffic.moe/2018/11/08/index.html)
- 2018.11 [pediy] [[原创]记录一次脱壳,代理无法抓包,直接Hook网络请求的操作](https://bbs.pediy.com/thread-247631.htm)
- 2018.10 [vkremez] [Let's Learn: Exploring ZeusVM Banking Malware Hooking Engine](https://www.vkremez.com/2018/10/lets-learn-exploring-zeusvm-banking.html)
- 2018.10 [traffic] [[2018-10-29] HookAds->FalloutEK->AZORult->GlobeImposter+CoalaBot](https://traffic.moe/2018/10/29/index.html)
- 2018.10 [pediy] [原创]MoonU安全学习笔记之内联Hook](https://bbs.pediy.com/thread-247532.htm)
- 2018.10 [pentest] [Offensive IAT Hooking](https://pentest.blog/offensive-iat-hooking/)
- 2018.10 [traffic] [[2018-10-09] HookAds->FalloutEK->AZORult](https://traffic.moe/2018/10/09/index.html)
- 2018.10 [traffic] [[2018-10-06] HookAds->FalloutEK->SmokeLoader->Miner](https://traffic.moe/2018/10/06/index.html)
- 2018.10 [traffic] [[2018-10-04] HookAds->FalloutEK->Kraken](https://traffic.moe/2018/10/04/index.html)
- 2018.09 [auth0] [Validate User Emails Fast using Kickbox and Auth0 Hooks](https://auth0.com/blog/validate-user-emails-fast-using-kickbox-and-auth0-hooks/)
- 2018.08 [thedebuggers] [Minify HTML in CodeIgniter using Hooks](https://thedebuggers.com/minify-html-codeigniter-using-hooks/)
- 2018.08 [badtrace] [Anti-Hooking checks of SmokeLoader 2018](https://blog.badtrace.com/post/anti-hooking-checks-of-smokeloader-2018/)
- 2018.07 [pediy] [[原创]从pwnabke.tw第18题看free_hook覆盖](https://bbs.pediy.com/thread-230028.htm)
- 2018.07 [BSidesTLV] [Deep hooks - Assaf Carlsbad & Yarden Shafir](https://www.youtube.com/watch?v=z1AfUL8BxXI)
- 2018.07 [Fig] [Suns Grave Keese (Chus+Hook)](https://www.youtube.com/watch?v=35woQK19yQE)
- 2018.07 [Fig] [Hoverbooots vs Hookshot First (version 2)](https://www.youtube.com/watch?v=WTUWW-UzNv4)
- 2018.07 [Fig] [Hovers First vs Hookshot First (new vc equip dupe route)](https://www.youtube.com/watch?v=EYxDZr1gOms)
- 2018.07 [qq] [【游戏漏洞】代码实现HOOK明文发包](http://gslab.qq.com/article-513-1.html)
- 2018.06 [pediy] [[原创]Hook原理](https://bbs.pediy.com/thread-228669.htm)
- 2018.06 [4hou] [检测Hook和ROP攻击: 方法与实例](http://www.4hou.com/technology/11897.html)
- 2018.05 [pediy] [[分享] 爱奇艺APP使用的 native PLT hook 库开源了,经过了“亿级”线上设备的稳定性兼容性考验](https://bbs.pediy.com/thread-227105.htm)
- 2018.05 [pierrchen] [Understand Container 6: Hooks and Network](http://pierrchen.blogspot.mk/2018/05/understand-container-6-hooks-and-network.html)
- 2018.05 [apriorit] [Detecting Hook and ROP Attacks: Methods with Examples](https://www.apriorit.com/dev-blog/536-detecting-hook-and-rop-attacks)
- 2018.04 [360] [通过Hooking Chrome浏览器的SSL函数实现读取SSL通信数据](https://www.anquanke.com/post/id/104801/)
- 2018.04 [pediy] [[原创]Xposed第一课(微信篇) hook含有多个参数的方法](https://bbs.pediy.com/thread-226233.htm)
- 2018.04 [4hou] [Hooking Chrome浏览器的SSL函数来读取SSL通信数据](http://www.4hou.com/technology/11139.html)
- 2018.04 [cqureacademy] [RSA 2018: Adventures In The Underland: Techniques Against Hackers Evading The Hook](https://cqureacademy.com/blog/forensics/rsa-2018-san-francisco)
- 2018.04 [pediy] [[原创]Hyperplatform VT HOOK阅读笔记](https://bbs.pediy.com/thread-225797.htm)
- 2018.03 [pediy] [[原创]纪念我HooK逝世的青春--XIgnCode3.TP.NP.HS.PP.GPK](https://bbs.pediy.com/thread-225368.htm)
- 2018.03 [traffic] [[2018-03-20] HookAds->RigEK->Miner](https://traffic.moe/2018/03/20/index.html)
- 2018.03 [qq] [【游戏漏洞】HOOK原理以及在游戏逆向中的应用](http://gslab.qq.com/article-424-1.html)
- 2018.03 [malwarebreakdown] [Fobos Campaign Uses HookAds Template and Delivers Bunitu Proxy Trojan via RIG EK](https://malwarebreakdown.com/2018/03/12/hookads-or-fobos-campaign-delivers-bunitu-proxy-trojan-via-rig-ek/)
- 2018.03 [sentinelone] [深度Hook: 监控WOW64应用程序的Native执行 Part 1](https://www.sentinelone.com/blog/deep-hooks-monitoring-native-execution-wow64-applications-part-1/)
- 2018.03 [Fig] [Spirit BK Skip: Hookshot Jump vs Superslide](https://www.youtube.com/watch?v=0h7D_1pVlu8)
- 2018.03 [malwarebreakdown] [HookAds Campaign Is Back And Using RIG EK to Deliver Bunitu Proxy Trojan](https://malwarebreakdown.com/2018/03/07/hookads-campaign-is-back-and-using-rig-ek-to-deliver-bunitu-proxy-trojan/)
- 2018.03 [pediy] [[原创]ctf pwn中的malloc_hook利用及pragyan ctf 2018 pwn writeup](https://bbs.pediy.com/thread-225003.htm)
- 2018.02 [nytrosecurity] [Hooking Chrome’s SSL functions](https://nytrosecurity.com/2018/02/26/hooking-chromes-ssl-functions/)
- 2018.02 [HACKADAY] [Brilliant path to stronger wall hooks through 3D printing with reinfocement](https://www.youtube.com/watch?v=Imb3uvQZkIE)
- 2018.02 [pediy] [[原创]x64内核中的HOOK技术. 拦截进程,拦截线程,拦截模块(思路)](https://bbs.pediy.com/thread-224514.htm)
- 2018.01 [freebuf] [企业壳的反调试及Hook检测分析](http://www.freebuf.com/articles/es/160656.html)
- 2018.01 [pediy] [[原创]企业壳反调试及hook检测分析](https://bbs.pediy.com/thread-224181.htm)
- 2018.01 [pediy] [[原创]1字节 [hook引擎] 开源分享,最高效,简单](https://bbs.pediy.com/thread-224144.htm)
- 2018.01 [pediy] [[翻译]Ring3/Ring0层Rootkit Hook检测技术(二)](https://bbs.pediy.com/thread-223748.htm)
- 2018.01 [pediy] [[翻译]Ring3/Ring0层Rootkit Hook检测技术(一)](https://bbs.pediy.com/thread-223745.htm)
- 2017.12 [hasherezade] [hook finder vs Process Doppelganging](https://www.youtube.com/watch?v=T9pWqYGHqLM)
- 2017.12 [hasherezade] [Unpacking Magniber ransomware with PE-sieve (former: 'hook_finder')](https://www.youtube.com/watch?v=lqWJaaofNf4)
- 2017.12 [pediy] [[翻译]利用KPROCESS结构的InstrumentationCallback域实现Hook](https://bbs.pediy.com/thread-223285.htm)
- 2017.12 [hshrzd] [Hook the planet! Solving FlareOn4 Challenge6 with libPeConv](https://hshrzd.wordpress.com/2017/12/01/hook-the-planet-solving-flareon4-challenge6-with-libpeconv/)
- 2017.11 [Fig] [Hookshotless Chuslide Teleport Explanation](https://www.youtube.com/watch?v=wM6q87bGLuA)
- 2017.11 [Fig] [Hovers First vs Hook First in 100%](https://www.youtube.com/watch?v=enCXCBm5jxo)
- 2017.10 [ccsinet] [Cybersecurity Trends That Shook 2017](https://www.ccsinet.com/blog/cybersecurity-trends-2017/)
- 2017.09 [360] [看我如何通过hook攻击LuaJIT](https://www.anquanke.com/post/id/86958/)
- 2017.09 [nickcano] [Hook 脚本语言 Lua 的 JIT(尤其针对使用 Lua 的游戏)](https://nickcano.com/hooking-luajit/)
- 2017.09 [arxiv] [[1709.08331] By Hook or by Crook: Exposing the Diverse Abuse Tactics of Technical Support Scammers](https://arxiv.org/abs/1709.08331)
- 2017.09 [malwarebreakdown] [HookAds Campaign Leads to RIG EK and Drops ZeuS Panda.](https://malwarebreakdown.com/2017/09/14/hookads-campaign-leads-to-rig-ek-and-drops-zeus-panda/)
- 2017.09 [360] [见招拆招:详谈COM接口函数Hook技术](https://www.anquanke.com/post/id/86821/)
- 2017.09 [hackersgrid] [BeEF – Hooking Browser using Classic 2048 HTML Game](http://hackersgrid.com/2017/09/beef-adding-hook-to-a-website.html)
- 2017.08 [hasherezade] [hook_finder - a small tool for investigating in-memory patches](https://www.youtube.com/watch?v=CIdhgOjOC4k)
- 2017.08 [malwarebreakdown] [Malvertising Chain Leads to the HookAds Campaign. RIG Drops Dreambot.](https://malwarebreakdown.com/2017/08/03/malvertising-chain-leads-to-the-hookads-campaign-rig-drops-dreambot/)
- 2017.07 [malwarebreakdown] [Dreambot Dropped by HookAds](https://malwarebreakdown.com/2017/07/27/dreambot-dropped-by-hookads/)
- 2017.07 [malwarebreakdown] [HookAds Continues to use RIG EK to Drop Dreambot](https://malwarebreakdown.com/2017/07/18/hookads-continues-to-use-rig-ek-to-drop-dreambot/)
- 2017.06 [pediy] [[原创]阿里系产品Xposed Hook检测机制原理分析](https://bbs.pediy.com/thread-218848.htm)
- 2017.06 [malwarebreakdown] [Malvertising Leads to HookAds Campaign Which Redirects to RIG EK at 188.225.74.13. RIG EK Drops Dreambot.](https://malwarebreakdown.com/2017/06/25/malvertising-leads-to-hookads-campaign-which-redirects-to-rig-ek-at-188-225-74-13-rig-ek-drops-dreambot/)
- 2017.06 [malwarebreakdown] [HookAds Campaign Leads to RIG EK at 188.225.78.240. RIG EK Drops Dreambot.](https://malwarebreakdown.com/2017/06/20/hookads-campaign-leads-to-rig-ek-at-188-225-78-240-rig-ek-drops-dreambot/)
- 2017.06 [malwarebreakdown] [HookAds Malvertising Campaign Leads to RIG EK at 194.87.93.114 and Drops Dreambot](https://malwarebreakdown.com/2017/06/06/hookads-malvertising-campaign-leads-to-rig-ek-at-194-87-93-114-and-drops-dreambot/)
- 2017.06 [blacksunhackers] [利用 AppVerifier 实现函数Hook 及驻留](http://blacksunhackers.club/2017/06/leveraging-application-verifier-for-function-hooking-and-persistence/)
- 2017.05 [malwarebreakdown] [HookAds Campaign Leads to RIG EK at 188.227.74.169 and 5.200.52.203, Drops Dreambot](https://malwarebreakdown.com/2017/05/31/hookads-campaign-leads-to-rig-ek-at-188-227-74-169-and-5-200-52-203-drops-dreambot/)
- 2017.05 [Fig] [Shadow Early with Hookshot Jump Tutorial](https://www.youtube.com/watch?v=HTU0fKl-6uQ)
- 2017.05 [malwarebreakdown] [HookAds Malvertising Campaign Leads to RIG EK at 185.154.53.33, Drops LatentBot](https://malwarebreakdown.com/2017/05/18/hookads-malvertising-campaign-leads-to-rig-ek-at-185-154-53-33-drops-latentbot/)
- 2017.05 [pediy] [[原创] 无需越狱,篡改动态符号表实现hook](https://bbs.pediy.com/thread-217615.htm)
- 2017.05 [pediy] [针对TP hook 0E 页表异常断点 处理方法 理论处理](https://bbs.pediy.com/thread-217516.htm)
- 2017.05 [csyssec] [使用LRB(最近分支记录)特性检测IDT Hooking](http://www.csyssec.org/20170504/lbr-idthooking/)
- 2017.04 [MalwareAnalysisForHedgehogs] [Malware Analysis - Hook Injection PoC by Robert Kuster](https://www.youtube.com/watch?v=oS54M2GMXNY)
- 2017.04 [u011721501] [PHP HOOK的若干方法](https://blog.csdn.net/u011721501/article/details/70174924)
- 2017.04 [pediy] [解决爱加密加固之后使用xposed hook的时候log打印不出来的问题](https://bbs.pediy.com/thread-216965.htm)
- 2017.04 [freebuf] [利用Hook技术实现浏览器HTTPS劫持](http://www.freebuf.com/articles/web/131137.html)
- 2017.04 [Fig] [skip bombable wall in dc with hookshot jump [useless]](https://www.youtube.com/watch?v=6leP8AmKUhA)
- 2017.03 [malwarebreakdown] [HookAds Campaign Leads to RIG EK at 92.53.104.78](https://malwarebreakdown.com/2017/03/21/hookads-campaign-leads-to-rig-ek-at-92-53-104-78/)
- 2017.03 [pediy] [[原创]利用VirtualApp实现360加固的soHook简单例子](https://bbs.pediy.com/thread-216149.htm)
- 2017.03 [pediy] [[原创]利用VirtualApp实现免Root注入Hook(一)](https://bbs.pediy.com/thread-216096.htm)
- 2017.03 [csyssec] [Hook内核之PVOPS](http://www.csyssec.org/20170301/pvops/)
- 2017.02 [malwarebreakdown] [HookAds Malvertising Redirects to RIG-v EK at 217.107.219.99. EK Drops Ursnif Variant Dreambot.](https://malwarebreakdown.com/2017/02/19/hookads-malvertising-redirects-to-rig-v-ek-at-217-107-219-99-ek-drops-ursnif-variant-dreambot/)
- 2017.02 [auth0] [Introducing Auth0 Hooks](https://auth0.com/blog/introducing-auth0-hooks/)
- 2017.02 [anitian] [RSA Conference 2017 – By Hook Or By Crook, We Will](https://www.anitian.com/blog/rsa-conference-2017-hook-crook-will/)
- 2017.02 [cqureacademy] [Forensic techniques against hackers evading the hook (notes from NIC conference)](https://cqureacademy.com/blog/forensics/forensic-techniques)
- 2017.01 [engineeringblog] [Announcing Docker Hook Support for Pre-Commit](https://engineeringblog.yelp.com/2017/01/announcing-docker-hook-support-for-pre-commit.html)
- 2016.11 [malwarebytes] [The HookAds malvertising campaign](https://blog.malwarebytes.com/cybercrime/exploits/2016/11/the-hookads-malvertising-campaign/)
- 2016.10 [] [浅谈hook007的自启动手法](http://blogs.360.cn/360safe/2016/10/24/hook007autostart/)
- 2016.10 [] [浅谈hook007的自启动手法](http://blogs.360.cn/blog/hook007autostart/)
- 2016.10 [criteo] [Criteo to Acquire HookLogic – Strengthening its Performance Marketing Platform](http://labs.criteo.com/2016/10/criteo-acquire-hooklogic-strengthening-performance-marketing-platform/)
- 2016.10 [securitygossip] [Persistent Data-only Malware: Function Hooks Without Code](http://securitygossip.com/blog/2016/10/12/2016-10-12/)
- 2016.10 [sjtu] [Persistent Data-only Malware: Function Hooks Without Code](https://loccs.sjtu.edu.cn/gossip/blog/2016/10/12/2016-10-12/)
- 2016.08 [securityintelligence] [The Increasing Dangers of Code Hooking](https://securityintelligence.com/the-increasing-dangers-of-code-hooking/)
- 2016.08 [scorchsecurity] [Bypassing user-mode hooks the sneaky way](https://scorchsecurity.wordpress.com/2016/08/26/bypassing-user-mode-the-sneaky-way/)
- 2016.07 [ensilo] [Intrusive Applications: 6 Security Issues to Watch Out for in Hooking](https://blog.ensilo.com/intrusive-applications-6-security-to-watch-out-for-in-hooking)
- 2016.05 [n0tr00t] [wafCheck.py DEMO - Hook urllib2 / requests](https://n0tr00t.com/2016/05/03/wafCheck_demo.html)
- 2016.04 [f] [Unprotected WiFi Hook-Ups in action at Collision](https://blog.f-secure.com/unprotected-wifi-hook-ups-in-action-at-collision/)
- 2016.04 [f] [Unprotected WiFi Hook-Ups in action at Collision](https://safeandsavvy.f-secure.com/2016/04/28/unprotected-wifi-hook-ups-in-action-at-collision/)
- 2016.03 [turingh] [fishhook源码分析](http://turingh.github.io/2016/03/22/fishhook%E6%BA%90%E7%A0%81%E5%88%86%E6%9E%90/)
- 2016.03 [qq] [植物大战僵尸硬件断点HOOK实现](http://gslab.qq.com/article-136-1.html)
- 2016.03 [freebuf] [IAT Hooking的一种安全实现方式](http://www.freebuf.com/articles/system/99141.html)
- 2016.03 [pediy] [[原创]Hello world 版本Hook java](https://bbs.pediy.com/thread-208414.htm)
- 2016.03 [talosintelligence] [Angler Attempts to Slip the Hook](https://blog.talosintelligence.com/2016/03/angler-slips-hook.html)
- 2016.01 [] [百脑虫之HOOK技术分析](http://blogs.360.cn/post/analysis_of_bainaochong_hook.html)
- 2016.01 [] [浅谈hook007的自启动手法](http://blogs.360.cn/post/hook007autostart.html)
- 2016.01 [beefproject] [Hooked Browser Network with BeEF and Google Drive](http://blog.beefproject.com/2016/01/hooked-browser-network-with-beef-and.html)
- 2015.12 [bhconsulting] [The ransomware of Christmas present: 60,000 hooked by festive imagery](http://bhconsulting.ie/the-ransomware-of-christmas-present-60000-hooked-by-festive-imagery/)
- 2015.12 [sparkfun] [Shapeoko hookup guides and tutorials](https://www.sparkfun.com/news/1983)
- 2015.10 [pediy] [[原创][源码]任务管理器:进程+线程+模块+服务+HOOK](https://bbs.pediy.com/thread-205382.htm)
- 2015.10 [lightless] [CodeIgniter源码阅读笔记5之Hooks.php](https://lightless.me/archives/CodeIgniter-part5-Hooks.html)
- 2015.09 [pediy] [[原创]hook007木马分析](https://bbs.pediy.com/thread-204280.htm)
- 2015.09 [] [罪恶家族hook007之潜伏篇](http://blogs.360.cn/blog/hoook007/)
- 2015.09 [] [罪恶家族hook007之潜伏篇](http://blogs.360.cn/360safe/2015/09/10/hoook007/)
- 2015.08 [pediy] [[原创]使用调试机制进行HOOK来躲避检测的一次尝试](https://bbs.pediy.com/thread-203585.htm)
- 2015.08 [MalwareTech] [Hook Scanner Test (Zeus)](https://www.youtube.com/watch?v=Cp5x68zJQI0)
- 2015.08 [malwaretech] [User Mode Hook Scanner (Alpha)](https://www.malwaretech.com/2015/08/user-mode-hook-scanner-alpha.html)
- 2015.08 [checkpoint] [JavaScript Hooking as a Malicious Website Research Tool | Check Point Software Blog](https://blog.checkpoint.com/2015/08/18/javascript-hooking-malicious-website-research-tool/)
- 2015.08 [mwrinfosecurity] [Dynamic Hooking Techniques: User Mode](https://www.mwrinfosecurity.com/our-thinking/dynamic-hooking-techniques-user-mode/)
- 2015.08 [holisticinfosec] [toolsmith: There Is No Privacy - Hook Analyser vs. Hacking Team](https://holisticinfosec.blogspot.com/2015/08/toolsmith-there-is-no-privacy-hook.html)
- 2015.07 [inopinatus] [Hook AWS notifications into Slack with a Lambda function](https://inopinatus.org/2015/07/13/hook-aws-notifications-into-slack-with-a-lambda-function/)
- 2015.06 [talosintelligence] [Hook, Line & Sinker: Catching Unsuspecting Users Off Guard](https://blog.talosintelligence.com/2015/06/hook-line-sinker-catching-unsuspecting.html)
- 2015.05 [malwarebytes] [Scams Within Facebook Press On, Use “Facebook for Business” Hook](https://blog.malwarebytes.com/cybercrime/2015/05/scams-within-facebook-press-on-use-facebook-for-business-hook/)
- 2015.05 [pediy] [[原创]Half-Life Engine Hook WalkHack](https://bbs.pediy.com/thread-200378.htm)
- 2015.04 [rtl] [Hooking up an Si5351A Voltage Controlled Oscillator to the Local Oscillator Input on an RTL-SDR](https://www.rtl-sdr.com/hooking-up-an-si5351a-voltage-controlled-oscillator-to-the-local-oscillator-input-on-an-rtl-sdr/)
- 2015.04 [pediy] [[原创]新手无hook进程保护及过签名分析](https://bbs.pediy.com/thread-200048.htm)
- 2015.04 [pediy] [[原创]Hook Lib for ddk](https://bbs.pediy.com/thread-200026.htm)
- 2015.04 [nabla] [Hooking Variadic Functions With Substrate](https://nabla-c0d3.github.io/blog/2015/04/24/hooking-variadic-functions/)
- 2015.04 [pediy] [[原创]基于HOOK的Anti-debug调用点trace和Anti-anti](https://bbs.pediy.com/thread-199671.htm)
- 2015.04 [malwaretech] [Intercepting all System Calls by Hooking KiFastSystemCall](https://www.malwaretech.com/2015/04/intercepting-all-system-calls-by.html)
- 2015.03 [securify] [Hooking Swift methods for fun and profit](https://securify.nl/en/blog/SFY20150302/hooking-swift-methods-for-fun-and-profit.html)
- 2015.02 [pediy] [[原创][原创]x64 idt Hook](https://bbs.pediy.com/thread-197983.htm)
- 2015.01 [codereversing] [Virtual Method Table (VMT) Hooking](http://www.codereversing.com/blog/archives/181)
- 2015.01 [] [罪恶家族hook007之潜伏篇](http://blogs.360.cn/post/hoook007.html)
- 2015.01 [pediy] [[原创]SO Hook技术汇总](https://bbs.pediy.com/thread-196228.htm)
- 2015.01 [pediy] [[原创]易语言纯手写inlne hook](https://bbs.pediy.com/thread-196213.htm)
- 2014.12 [pediy] [Hook显卡厂商驱动(draw whatever you want)](https://bbs.pediy.com/thread-195759.htm)
- 2014.12 [arduino] [How to print a Pirate Hook with your Materia 101](https://blog.arduino.cc/2014/12/10/how-to-print-a-pirate-hook/)
- 2014.12 [pediy] [[原创]COM接口函数通用Hook方法](https://bbs.pediy.com/thread-195371.htm)
- 2014.11 [siliconblade] [Finding Call Reference Hooks in Mac Memory](http://siliconblade.blogspot.com/2014/11/finding-call-reference-hooks-in-mac.html)
- 2014.11 [mcafee] [Hooking the Mac - Mac OS X Wirelurker malware](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/hooking-mac/)
- 2014.11 [mcafee] [Chinese Trojan Hooks Macs, iPhones](https://securingtomorrow.mcafee.com/mcafee-labs/hooking-mac/)
- 2014.11 [pediy] [[原创]重载内核新方法,避免SEH导致的蓝屏(不hook链表)](https://bbs.pediy.com/thread-193964.htm)
- 2014.10 [pediy] [[翻译]卡巴斯基HOOK引擎分析](https://bbs.pediy.com/thread-193776.htm)
- 2014.10 [pediy] [[原创]HOOK学习笔记与心得](https://bbs.pediy.com/thread-193729.htm)
- 2014.10 [quequero] [Kaspersky Hooking Engine Analysis](https://quequero.org/2014/10/kaspersky-hooking-engine-analysis/)
- 2014.09 [L173864930] [Hook Java的的一个改进版本](https://blog.csdn.net/L173864930/article/details/39667355)
- 2014.09 [pediy] [[原创]Hook Java的的一个改进版本](https://bbs.pediy.com/thread-192803.htm)
- 2014.09 [christophertruncer] [Getting Hooked up with Responder and Beef](https://www.christophertruncer.com/getting-hooked-responder-beef/)
- 2014.09 [sparkfun] [Electricute - Conductive Velcro-Style Hook and Loop](https://www.sparkfun.com/news/1597)
- 2014.09 [] [罪恶家族——hook007木马](http://blogs.360.cn/360safe/2014/09/12/hook007_trojan/)
- 2014.09 [] [罪恶家族——hook007木马](http://blogs.360.cn/blog/hook007_trojan/)
- 2014.09 [pediy] [[原创]无源码加解密实现 && NDK Native Hook](https://bbs.pediy.com/thread-192047.htm)
- 2014.08 [engineeringblog] [Announcing pre-commit: Yelp’s Multi-Language Package Manager For Pre-Commit Hooks](https://engineeringblog.yelp.com/2014/08/announcing-pre-commit-yelps-multi-language-package-manager-for-pre-commit-hooks.html)
- 2014.08 [Proteas] [在非越狱设备上Hook C++的虚函数是否可能?](https://blog.csdn.net/Proteas/article/details/38514073)
- 2014.07 [pediy] [[原创] (向量化异常处理)VEH hook](https://bbs.pediy.com/thread-190668.htm)
- 2014.07 [pediy] [[原创]分析 Substrate 的 ARM/THUMB 函数 Hook 实现细节](https://bbs.pediy.com/thread-189994.htm)
- 2014.06 [malwarebytes] [Scammers Continue to Hook Users with Free Facebook Hacking](https://blog.malwarebytes.com/cybercrime/2014/06/scammers-continue-to-hook-users-with-free-facebook-hacking/)
- 2014.06 [malwaretech] [Usermode System Call hooking – Betabot Style](https://www.malwaretech.com/2014/06/usermode-system-call-hooking-betabo.html)
- 2014.05 [toolswatch] [Hook Analyser v3.1 Released](http://www.toolswatch.org/2014/05/hook-analyser-v3-1-released/)
- 2014.05 [pediy] [[原创]YY-一种高可靠性Hook的思路](https://bbs.pediy.com/thread-187531.htm)
- 2014.04 [pediy] [[原创]浅谈之重读老文章之那些年我们追过的gdt hook](https://bbs.pediy.com/thread-187064.htm)
- 2014.03 [pediy] [[原创]Hook Com接口函数](https://bbs.pediy.com/thread-185397.htm)
- 2014.02 [pediy] [[原创]逆向角度分析 CydiaSubstrate Hook 原理](https://bbs.pediy.com/thread-185014.htm)
- 2014.01 [pediy] [[原创]代码Hook之指令级实现](https://bbs.pediy.com/thread-183803.htm)
- 2014.01 [toolswatch] [Hook Analyser v3.0 The malware analysis utility released with the support of Cyber Threat Intelligence](http://www.toolswatch.org/2014/01/hook-analyser-v3-0-the-malware-analysis-utility-released-with-the-support-of-cyber-threat-intelligence/)
- 2014.01 [] [罪恶家族——hook007木马](http://blogs.360.cn/post/hook007_trojan.html)
- 2014.01 [HackersSecurity] [DEFCON 17: Managed Code Rootkits Hooking into Runtime Enviroments](https://www.youtube.com/watch?v=bBA-XCXNsY8)
- 2013.12 [pediy] [[原创]hook之函数栈帧追溯、NSLog捕获、STDOUT重定向](https://bbs.pediy.com/thread-183190.htm)
- 2013.12 [pediy] [[原创]如何在toolchain4编译环境上使用Substrate框架,产生针对某个应用程序的hook动态库](https://bbs.pediy.com/thread-183137.htm)
- 2013.12 [publicintelligence] [(U//FOUO) New Jersey Fusion Center: School Attacks and Plots Since Sandy Hook](https://publicintelligence.net/njroic-school-shootings-2013/)
- 2013.12 [incolumitas] [IAT hooking](http://incolumitas.com/2013/12/07/iat-hooking/)
- 2013.11 [publicintelligence] [Connecticut State’s Attorney Report on Sandy Hook Elementary School Mass Shooting](https://publicintelligence.net/ct-sandy-hook/)
- 2013.11 [rsa] [Detecting New 50-Troting Shell Hook Malware](https://community.rsa.com/community/products/netwitness/blog/2013/11/08/detecting-new-50-troting-shell-hook-malware)
- 2013.10 [pediy] [[原创]hook connect函数,禁用网络访问](https://bbs.pediy.com/thread-180629.htm)
- 2013.10 [pediy] [[原创]发一个c++ hook库, 主要用来测试和调试](https://bbs.pediy.com/thread-179972.htm)
- 2013.10 [malwaretech] [Ring3 / Ring0 Rootkit Hook Detection 2/2](https://www.malwaretech.com/2013/10/ring3-ring0-rootkit-hook-detection-22.html)
- 2013.09 [pediy] [[分享]新手的两份学习源码——数字的hook框架和重载内核](https://bbs.pediy.com/thread-179255.htm)
- 2013.09 [toolswatch] [Hook Analyser v2.6 Released](http://www.toolswatch.org/2013/09/hook-analyser-v2-6-released/)
- 2013.09 [malwaretech] [Ring3 / Ring0 Rootkit Hook Detection 1/2](https://www.malwaretech.com/2013/09/ring3-ring0-rootkit-hook-detection-12.html)
- 2013.09 [malwaretech] [Fighting Hooks With Hooks – Sandbox Escape](https://www.malwaretech.com/2013/09/fighting-hooks-with-hooks-sandbox-escape.html)
- 2013.08 [pediy] [[原创]Hook CreateTextServices](https://bbs.pediy.com/thread-178109.htm)
- 2013.08 [pediy] [[原创]浅谈系列之Object hook](https://bbs.pediy.com/thread-177048.htm)
- 2013.07 [pediy] [[原创]Delphi Hook Library(X86/X64)](https://bbs.pediy.com/thread-176371.htm)
- 2013.07 [siliconblade] [Hooking IDT in OS X and Detection](http://siliconblade.blogspot.com/2013/07/idt-hooks-and-detecting-them-in-osx.html)
- 2013.07 [siliconblade] [Back to Defense: Finding Hooks in OS X with Volatility](http://siliconblade.blogspot.com/2013/07/back-to-defense-finding-hooks-in-os-x.html)
- 2013.05 [toolswatch] [Hook Analyser v2.5 Released](http://www.toolswatch.org/2013/05/hook-analyser-v2-5-released/)
- 2013.05 [pediy] [[原创]I/O HOOK大法](https://bbs.pediy.com/thread-171213.htm)
- 2013.05 [freebuf] [TCP代理数据篡改工具-HookME v0.2.1.0b](http://www.freebuf.com/sectool/9274.html)
- 2013.05 [pediy] [[原创]HOOK NtCreateSection大法2](https://bbs.pediy.com/thread-171161.htm)
- 2013.04 [WarrantyVoider] [ME3OTH - Hooking Sequence Objects](https://www.youtube.com/watch?v=VfGqEDVRZ0o)
- 2013.04 [pediy] [[分享]对百度杀毒软件hook的一点分析[更1]](https://bbs.pediy.com/thread-168078.htm)
- 2013.04 [freebuf] [TCP代理工具(Data tamper)—hookme](http://www.freebuf.com/sectool/8249.html)
- 2013.03 [pediy] [[原创]ring3下的IAT HOOK](https://bbs.pediy.com/thread-166993.htm)
- 2013.03 [trustwave] [Hooked on Packets: Reading PCAPs for D Students - Preview](https://www.trustwave.com/Resources/SpiderLabs-Blog/Hooked-on-Packets--Reading-PCAPs-for-D-Students---Preview/)
- 2013.03 [kaspersky] [10 arrests that shook the cybercrime underworld](https://www.kaspersky.com/blog/10-arrests-that-shook-the-cybercrime-underworld/1397/)
- 2013.03 [pediy] [[原创]<<游戏外挂攻防艺术>>Hook虚表](https://bbs.pediy.com/thread-163721.htm)
- 2013.03 [toolswatch] [Hook Analyser v2.4 Released](http://www.toolswatch.org/2013/03/hook-analyser-v2-4-released/)
- 2013.03 [pediy] [[原创]发一个支持任意地点hook的类(包含驱动hook和应用层hook)](https://bbs.pediy.com/thread-163547.htm)
- 2013.03 [pediy] [[原创]就算Lua也hook给你看-Corona SDK 游戏魔女防御战的作弊插件](https://bbs.pediy.com/thread-163435.htm)
- 2013.02 [pediy] [[原创]发一个hook类的例子](https://bbs.pediy.com/thread-163065.htm)
- 2013.02 [freebuf] [恶意软件分析工具—Hook Analyser v2.3](http://www.freebuf.com/sectool/7362.html)
- 2013.02 [knownsec] [[hook.js]通用Javascript函数钩子](http://blog.knownsec.com/2013/02/hook-js%e9%80%9a%e7%94%a8javascript%e5%87%bd%e6%95%b0%e9%92%a9%e5%ad%90/)
- 2013.02 [freebuf] [[hook.js]通用Javascript函数钩子](http://www.freebuf.com/articles/7310.html)
- 2013.02 [toolswatch] [Hook Analyser v2.3 Released](http://www.toolswatch.org/2013/02/hook-analyser-v2-3-released/)
- 2013.02 [pediy] [[原创]终极hook技术](https://bbs.pediy.com/thread-162458.htm)
- 2013.01 [pediy] [[原创]用VC SDK实现的ICopyHook和IShellExecuteHook接口](https://bbs.pediy.com/thread-161282.htm)
- 2013.01 [nengx] [QQ2013 聊天记录获取(Hook)](https://blog.csdn.net/nengx/article/details/8481307)
- 2012.12 [rapid7] [Introduction to Metasploit Hooks](https://blog.rapid7.com/2012/12/17/metasploit-hooks/)
- 2012.10 [pediy] [[原创]发一个可编译,可替换的hookport代码](https://bbs.pediy.com/thread-157472.htm)
- 2012.10 [pediy] [[原创]发一个不仅仅hook的游戏保护驱动代码,以及简要流程图](https://bbs.pediy.com/thread-157439.htm)
- 2012.10 [toolswatch] [Tools in The Hook – Issue #1 (Ghost in the Wires Review & NetworkMiner Author Interview)](http://www.toolswatch.org/2012/10/tools-in-the-hook-issue-sept-2012/)
- 2012.10 [forcepoint] [Hook, line and sinker: the dangers of Location-Based Services](https://www.forcepoint.com/blog/security-labs/hook-line-and-sinker-dangers-location-based-services)
- 2012.08 [securesolutions] [Guide to understanding XSS – Payloads, attack vectors, BeEF hooking, MiTM with Shank and some history](https://www.securesolutions.no/xss-explained/)
- 2012.08 [zonealarm] [Don’t Get Hooked: Anatomy of an Email Scam](https://www.zonealarm.com/blog/2012/08/anatomy-of-an-email-scam/)
- 2012.08 [zonealarm] [Don’t Get Hooked: Anatomy of an Email Scam](https://blog.zonealarm.com/2012/08/anatomy-of-an-email-scam/)
- 2012.08 [pediy] [我也发个HOOK中间工具。](https://bbs.pediy.com/thread-154747.htm)
- 2012.08 [redplait] [MsgHookLister](http://redplait.blogspot.com/2012/08/msghooklister.html)
- 2012.07 [pediy] [[原创]高端Rootkit的hook隐藏技术](https://bbs.pediy.com/thread-152884.htm)
- 2012.06 [redplait] [CoRegisterChannelHook in w8 consumer preview](http://redplait.blogspot.com/2012/06/coregisterchannelhook-in-w8-consumer.html)
- 2012.05 [pediy] [[原创]监控进程创建结束非HOOK方式](https://bbs.pediy.com/thread-151249.htm)
- 2012.04 [pediy] [[原创]一个hooklib源码 for ring0 ring3 x86 amd64](https://bbs.pediy.com/thread-149609.htm)
- 2012.03 [rachelbythebay] [Hooking up a school to a T1 on the cheap](http://rachelbythebay.com/w/2012/03/01/ppp/)
- 2012.02 [pediy] [[原创]对象名字劫持,如何隐藏IRP DISPATCH HOOK](https://bbs.pediy.com/thread-146370.htm)
- 2012.02 [pediy] [[原创]QQ电脑管家中的 Hook 过程分析](https://bbs.pediy.com/thread-146313.htm)
- 2012.02 [pediy] [[原创]对WriteFile全面Hook](https://bbs.pediy.com/thread-146047.htm)
- 2011.12 [pediy] [[原创]Hook KiFastCallEntry监控系统调用](https://bbs.pediy.com/thread-144538.htm)
- 2011.12 [pediy] [[原创]Hide idt Hook By DrxHOOK](https://bbs.pediy.com/thread-144052.htm)
- 2011.11 [winsunxu] [vc6 chkesp IATHook 出错解决](https://blog.csdn.net/winsunxu/article/details/7027499)
- 2011.11 [pediy] [[原创]NDIS6 X86通用hook代码](https://bbs.pediy.com/thread-143507.htm)
- 2011.11 [pediy] [[原创]某安全卫士的内核hook](https://bbs.pediy.com/thread-143364.htm)
- 2011.11 [pediy] [[原创]hide idt hook src](https://bbs.pediy.com/thread-142627.htm)
- 2011.11 [pediy] [[原创]ZProtect Anti-Hook 脱壳](https://bbs.pediy.com/thread-142413.htm)
- 2011.10 [pediy] [[原创]IAT随便HOOK+反检测方法](https://bbs.pediy.com/thread-141437.htm)
- 2011.10 [redplait] [w8 DelayLoadFailureHookImplementation](http://redplait.blogspot.com/2011/10/w8-delayloadfailurehookimplementation.html)
- 2011.10 [pediy] [[原创]简单分析一下HS驱动保护 - Hook篇](https://bbs.pediy.com/thread-141127.htm)
- 2011.09 [a1logic] [Reversing Stuxnet: 5 (Kernel Hooking)](https://www.a1logic.com/2011/09/27/reversing-stuxnet-5-kernel-hooking/)
- 2011.08 [a1logic] [Reversing Stuxnet: 3 (Filesystem hooking)](https://www.a1logic.com/2011/08/20/reversing-stuxnet-3-filesystem-hooking/)
- 2011.08 [pediy] [[原创]TDI HOOK监控tcp连接源码+文档](https://bbs.pediy.com/thread-138620.htm)
- 2011.08 [pediy] [[原创]无hook无patch 无自定义peloader 在内核加载执行驱动](https://bbs.pediy.com/thread-138397.htm)
- 2011.06 [pediy] [[原创]恢复KiFastCallEntry的hook,用任务管理器结束360](https://bbs.pediy.com/thread-136070.htm)
- 2011.06 [pediy] [[原创]hook ProbeForWrite探测隐藏进程](https://bbs.pediy.com/thread-135777.htm)
- 2011.05 [pediy] [[原创]不HOOK任何函数,让任务管理器、XueTr、360进程管理器无法结束保护进程](https://bbs.pediy.com/thread-134645.htm)
- 2011.05 [pediy] [[原创]很多句话让XueTr卸载不了我们的驱动(ObjectType HOOK)](https://bbs.pediy.com/thread-134415.htm)
- 2011.04 [pediy] [[原创]自认为巧妙的ring3 HOOK模板,欢迎大牛指点](https://bbs.pediy.com/thread-132633.htm)
- 2011.04 [pediy] [[原创]学习内核写的hook库,支持内核中常用的几种hook](https://bbs.pediy.com/thread-132418.htm)
- 2011.03 [redplait] [IERT_DelayLoadFailureHook](http://redplait.blogspot.com/2011/03/iertdelayloadfailurehook.html)
- 2011.03 [androidcracking] [original smalihook java source](http://androidcracking.blogspot.com/2011/03/original-smalihook-java-source.html)
- 2011.03 [winsunxu] [C++成员函数的HOOK](https://blog.csdn.net/winsunxu/article/details/6268992)
- 2011.03 [pediy] [[原创]另类HookShadow](https://bbs.pediy.com/thread-131159.htm)
- 2011.02 [pediy] [[原创]发个HOOK源码](https://bbs.pediy.com/thread-129897.htm)
- 2011.01 [pediy] [[原创]objectHook简单介绍](https://bbs.pediy.com/thread-128161.htm)
- 2010.11 [e] [One safe hook handler - E8 Method](http://e-omidfar.blogspot.com/2010/11/one-safe-hook-handler-e8-method.html)
- 2010.10 [pediy] [[原创]利用IShellExecuteHook接口对程序监控](https://bbs.pediy.com/thread-122023.htm)
- 2010.07 [pediy] [[原创]狙剑 SnipeSword.sys NtLoadDriver Hook 本地拒绝服务漏洞](https://bbs.pediy.com/thread-117482.htm)
- 2010.07 [pediy] [Hook过滤架构搭建,仿照360](https://bbs.pediy.com/thread-116033.htm)
- 2010.06 [pediy] [[原创]hook类[有码]](https://bbs.pediy.com/thread-115449.htm)
- 2010.05 [cleanbytes] [A new attack method–Kernel HOok Bypassing Engine ?](http://cleanbytes.net/a-new-attack-method-kernel-hook-bypassing-engine)
- 2010.05 [pediy] [[原创]内核无HOOK文件防删除,可以过冰刃,xuetr,easydelete](https://bbs.pediy.com/thread-112593.htm)
- 2010.03 [imthezuk] [hooking for fun and profit 2 - logging function calls](https://imthezuk.blogspot.com/2010/03/hooking-for-fun-and-profit-2-logging.html)
- 2010.02 [pediy] [[原创]QQ医生 <= 3.2 内核驱动程序ZwCreateKey HOOK 本地拒绝服务漏洞](https://bbs.pediy.com/thread-107384.htm)
- 2010.02 [pediy] [[原创]QQ医生 <= 3.2 内核驱动程序ZwSetInformationFile HOOK 本地拒绝服务漏洞](https://bbs.pediy.com/thread-107383.htm)
- 2009.12 [pediy] [[原创]Hook URLDownLoadToFile](https://bbs.pediy.com/thread-103249.htm)
- 2009.11 [pediy] [[原创]魔兽争霸改键工具(附源码),仅以此讨论Hook基础技术](https://bbs.pediy.com/thread-101149.htm)
- 2009.10 [pediy] [[原创]分析了一下360安全卫士的HOOK(二)——架构与实现](https://bbs.pediy.com/thread-99460.htm)
- 2009.10 [pediy] [[原创]分析了一下360安全卫士的HOOK](https://bbs.pediy.com/thread-99128.htm)
- 2009.10 [vexillium] [TraceHook v0.0.2](http://j00ru.vexillium.org/?p=175)
- 2009.10 [vexillium] [TraceHook v0.0.2](https://j00ru.vexillium.org/2009/10/tracehook-v0-0-2/)
- 2009.09 [webroot] [Roman Polanski Arrest Spawns Headline-Hooking Rogues](https://www.webroot.com/blog/2009/09/28/roman-polanski-arrest-spawns-headline-hooking-rogues/)
- 2009.09 [pediy] [[原创]从任务管理器中删除自己(非hook)](https://bbs.pediy.com/thread-98021.htm)
- 2009.09 [pediy] [[原创]IRP Hook 键盘Logger](https://bbs.pediy.com/thread-97821.htm)
- 2009.09 [pediy] [[原创]内核HOOK的安全问题(全程现场回放)](https://bbs.pediy.com/thread-97649.htm)
- 2009.08 [vexillium] [TraceHook v0.0.1 release](http://j00ru.vexillium.org/?p=141)
- 2009.08 [vexillium] [TraceHook v0.0.1 release](https://j00ru.vexillium.org/2009/08/tracehook-v0-0-1-release/)
- 2009.08 [pediy] [[原创]鼠标修复软件2.0,IRP HOOK实现(开源)](https://bbs.pediy.com/thread-96245.htm)
- 2009.08 [pediy] [[原创]Hook ObReferenceObjectByHandle的另一种框架](https://bbs.pediy.com/thread-95248.htm)
- 2009.07 [pediy] [[原创]Hook HttpSendRequest截获多帐号木马分析](https://bbs.pediy.com/thread-94438.htm)
- 2009.06 [pediy] [[分享]Ring3 ZwQuerySystemInformation Hook(HideProcess)](https://bbs.pediy.com/thread-91578.htm)
- 2009.05 [pediy] [[原创]HOOK笔记](https://bbs.pediy.com/thread-90178.htm)
- 2009.04 [pediy] [[原创]VEH实现的HOOK](https://bbs.pediy.com/thread-85807.htm)
- 2009.04 [pediy] [[原创]在WM6下实现对电话进程通话状态窗口的截获以及Subclass Hook](https://bbs.pediy.com/thread-85522.htm)
- 2009.02 [coldwind] [ExcpHook ver 0.0.5-rc2](http://gynvael.coldwind.pl/?id=148)
- 2008.12 [pediy] [[原创]打造自己的HOOK引擎 之二 --- HOOK CHAIN处理](https://bbs.pediy.com/thread-79355.htm)
- 2008.12 [pediy] [[原创]奇虎360第1题 hook WRITE_PORT_UCHAR](https://bbs.pediy.com/thread-78975.htm)
- 2008.12 [pediy] [[分享]HOOK SwapContext 枚举隐藏进程(学习笔记4)](https://bbs.pediy.com/thread-78464.htm)
- 2008.12 [pediy] [[原创]RING3代码HOOK的原理实现 (学习笔记1)](https://bbs.pediy.com/thread-78418.htm)
- 2008.09 [pediy] [[原创]CE 下另類 Hook function 方式..](https://bbs.pediy.com/thread-72728.htm)
- 2008.09 [pediy] [[原创]基于交叉引用的搜索检测object hook](https://bbs.pediy.com/thread-72608.htm)
- 2008.09 [coldwind] [Is function hooking in Chrome really a security mechanism?](http://gynvael.coldwind.pl/?id=57)
- 2008.08 [pediy] [[原创]一种Object hook的思路和实现过程](https://bbs.pediy.com/thread-70329.htm)
- 2008.06 [pediy] [[分享]hook ObOpenObjectByPointer](https://bbs.pediy.com/thread-67286.htm)
- 2008.04 [pediy] [[分享]hook ZwQueryDirectoryFile实现文件隐藏](https://bbs.pediy.com/thread-63629.htm)
- 2008.04 [pediy] [[原创]导出表钩子------EAT HOOK](https://bbs.pediy.com/thread-62574.htm)
- 2008.04 [evilcodecave] [Hooking the Hook](https://evilcodecave.wordpress.com/2008/04/03/82/)
- 2008.03 [pediy] [[下载]Rootkit Hook 专题(CHM版)](https://bbs.pediy.com/thread-61472.htm)
- 2008.03 [pediy] [[求助]Hook ZwSetSystemInformation时遇到奇怪的问题](https://bbs.pediy.com/thread-60810.htm)
- 2008.03 [pediy] [[原创]rootkit hook 之[七]--- IAT Hook](https://bbs.pediy.com/thread-60778.htm)
- 2008.02 [pediy] [[原创]rootkit hook之[六] -- sysenter Hook](https://bbs.pediy.com/thread-60247.htm)
- 2008.02 [pediy] [[原创]rootkit hook 之[五] -- IRP Hook全家福](https://bbs.pediy.com/thread-60022.htm)
- 2008.02 [pediy] [[原创]rootkit hook之[四]-- IDT Hook](https://bbs.pediy.com/thread-59867.htm)
- 2008.01 [pediy] [[原创]RootKit hook 之[一] object hook](https://bbs.pediy.com/thread-57900.htm)
- 2007.12 [pediy] [[原创]对 Hook 内核ntoskrnl'sZwQuerySystemInformation隐藏任务管理器进程名 的一点完善](https://bbs.pediy.com/thread-56830.htm)
- 2007.11 [bhconsulting] [Spammers use religion as a hook](http://bhconsulting.ie/spammers-use-religion-as-a-hook/)
- 2007.10 [pediy] [[原创]发布一款自己写的小软件揭秘HOOK技术(附完整的源代码)](https://bbs.pediy.com/thread-53561.htm)
- 2007.10 [pediy] [[原创]利用WH_DEBUG消息进行反HOOK](https://bbs.pediy.com/thread-53016.htm)
- 2007.08 [evilcodecave] [Something about Firewall hooking and Packet Filtering #2](https://evilcodecave.wordpress.com/2007/08/27/something-about-firewall-hooking-and-packet-filtering-2/)
- 2007.08 [evilcodecave] [Something about Firewall hooking and Packet Filtering](https://evilcodecave.wordpress.com/2007/08/26/something-about-firewall-hooking-and-packet-filtering/)
- 2007.04 [pediy] [[原创]另一种sysenter hook方法(绕过绝大多数的rootkit检测工具的检测)](https://bbs.pediy.com/thread-42705.htm)
- 2007.04 [pediy] [[原创]必备绝技——hook大法( 中 )](https://bbs.pediy.com/thread-42422.htm)
- 2007.04 [pediy] [[原创]必备绝技--Hook大法( 上 )](https://bbs.pediy.com/thread-42362.htm)
- 2007.01 [pediy] [逆向未知dhook.sys驱动源代码](https://bbs.pediy.com/thread-37944.htm)
- 2006.12 [pediy] [[原创]Hook 内核ntoskrnl'sZwQuerySystemInformation隐藏任务管理器进程名](https://bbs.pediy.com/thread-36742.htm)
- 2006.12 [pediy] [Attacks on Themida AntiHook Protection](https://bbs.pediy.com/thread-35724.htm)
- 2006.09 [pediy] [[分享]Hide process only for NT(HOOK方式)](https://bbs.pediy.com/thread-31816.htm)
- 2006.08 [pediy] [HOOK实现读取、存储远程进程的控件文本](https://bbs.pediy.com/thread-30535.htm)
- 2006.08 [pediy] [[已解决]如何用全局Hook记录鼠标滚轮的动作?](https://bbs.pediy.com/thread-29995.htm)
- 2005.07 [mckeay] [Cisco lets researcher off the hook](http://www.mckeay.net/2005/07/29/cisco-lets-researcher-off-the-hook/)
- 2005.07 [pediy] [利用hook编写通用破解程序](https://bbs.pediy.com/thread-15397.htm)
- 2005.07 [pediy] [Hook And Inject 系列教程 7.12 update](https://bbs.pediy.com/thread-14899.htm)
- 2005.06 [pediy] [[转帖]内核级利用通用Hook函数方法检测进程(支持主题讨论)](https://bbs.pediy.com/thread-14457.htm)
- 2004.12 [pediy] [[原创]对Rav 2005中HOOK的初步分析](https://bbs.pediy.com/thread-8108.htm)
- 2004.08 [infosecblog] [Long Range Hookup](https://www.infosecblog.org/2004/08/long-range-hookup/)

# 贡献
内容为系统自动导出, 有任何问题请提issue