Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/samueltulach/lighthook

Single-header, minimalistic, cross-platform hook library written in pure C
https://github.com/samueltulach/lighthook

efi hook hook-library kernelmode linux single-header-library usermode windows

Last synced: 5 days ago
JSON representation

Single-header, minimalistic, cross-platform hook library written in pure C

Host: GitHub
URL: https://github.com/samueltulach/lighthook
Owner: SamuelTulach
License: mit
Created: 2022-08-31T15:07:48.000Z (over 2 years ago)
Default Branch: main
Last Pushed: 2024-09-28T13:03:37.000Z (5 months ago)
Last Synced: 2025-02-03T12:11:17.500Z (12 days ago)
Topics: efi, hook, hook-library, kernelmode, linux, single-header-library, usermode, windows
Language: C++
Homepage:
Size: 704 KB
Stars: 310
Watchers: 12
Forks: 47
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE.txt

Awesome Lists containing this project

README

        ![logo](Assets/logo_small.png)

Single-header, minimalistic, cross-platform hook library written in pure C for x86-64 based systems.

## But... why?

While other well-written libraries that do exactly the same already exist, I wanted to have something simple that would not use an entire disassembler engine which can sometimes be painful to include in a project. 

**Pros of this library:**

- Written in pure C

- No dependencies (no full disassembler engine)

- Single header

- Works in both kernelmode/usermode

- Cross-platform (Windows/Linux/EFI)

- Easily portable (3 functions to allocate/free/protect memory that are platform specific)

**Cons of this library:**

- Breaks when a function starts with unsupported instructions (ex. AVX)

- Breaks when a function starts with instructions accessing memory using relative addressing (call/jmp/cmp)

## Showcase

![linux](Assets/linux_usermode.png)

![wink](Assets/windows_kernelmode.png)

![winu](Assets/windows_usermode.png)

![efi](Assets/efi_application.png)

## Usage

Include the [header file](https://github.com/SamuelTulach/LightHook/blob/main/Source/LightHook.h) in your project. Initialise hook structure by calling `CreateHook`. Perform the actual hook by calling `EnableHook` and optionally revert the hook with a call to `DisableHook`.

```

HookInformation info = CreateHook((void*)&FunctionToHook, (void*)&FunctionToCall);

int status = EnableHook(&info);

if (!status)

    return;

// Call the original function with info.Trampoline

FunctionToHook(10, 20);

DisableHook(&info)

```

## License

This repository is licensed under MIT if not stated otherwise in subfolders.