Hybrid Hook 1.0

By Torseq Technologies

Commercial 23 Jan 2010

In category

Components > System > API

Description

Hook system or application code more easily and more safely than ever in Delphi...
  • Hook technology supports Windows XP 32-bit SP2 and up (including WoW64 x64 support for 32-bit processes)
  • Ultra-tiny memory footprint which is exponentially smaller than similar, less-stable commercial hooking packages
  • Hybrid Hook uses the "code overwriting/rewriting" hook method internally. This is also the method that Microsoft's Detours hooking package uses, which is more reliable and overall better than combinatorial IAT/EAT hooks.
  • No disassembler "hacks" are required to "guess" at CPU instructions executed at run-time due to sophisticated internal logic/intrinsics, hence the name "Hybrid" Hook
  • Fully thread-safe code hooking/unhooking which uses atomic operations and thread memory access barriers backed by CPU mechanisms to ensure synchronization and stability
  • Hook code or exported APIs in any module with ease; all complexity is removed for the programmer.
  • Easily allows you to call the original API after hook installation without needing to "unhook" in order to do so
  • Tested to insane extremes against the most popular hooking SDKs available to the public
  • Process-unintrusive low-level DLL injection is supported, which extends the Windows kernel32.dll.CreateProcessA() API. No spawning of threads is needed in the target process to load DLLs, no CPU registers are tampered with inside thread contexts, etc. Support for code injection into already running processes is included as well, utilizing the same principle
  • Process and thread identifier conversion helper functions are also included in Hybrid Hook, which allow process handles and thread handles to be converted to their respective identifiers
  • 2 main hook flags are supported for hooking code atomically, which keeps multiple threads from experiencing race conditions as well as accomplishing multi-processor safety. A flag for hook callback synchronization during unhooking of code is included, which is an "extra" safety mechanism.
  • Extra stable unhooking is realized through the flag (SYNC_UNHOOK), which explicitly relies on 2 available functions, __EnterHook() and __ExitHook() respectively. See the Hybrid Hook SDK notes and demos for more information on this.
  • An API for returning the caller module handle (HMODULE) exists and is especially useful within the context of a hook's callback function; it essentially allows one to modify an API's behavior based on the caller if they choose to
  • IsSystemProcess() API is available to determine if the calling process is SYSTEM-owned, which is sometimes imperative to know while doing code injection work

Information

  • Status: Demo only
  • Source: C
  • Price: $75
  • Source price: $225
  • Size: 16 784kB

Platforms:

  • Delphi 2005 (VCL)
  • Delphi 2006 (Win32)
  • Delphi 2007 (VCL)
  • Delphi 2009
  • Delphi 2010
  • Delphi 3
  • Delphi 4
  • Delphi 5
  • Delphi 6
  • Delphi 7
