Question
Does anyone know tools like SpyStudio to hook processes? The features I would like to have are:
- log function calls on other processes
- GUI
- scriptable
- open source
I already looked at some tools like:
- SpyStudio
- Detours
- DynInst
but none really fully satisfies me.
Answer 1:
WinAPIOverride32
The primary usage of WinAPIOverride32 is monitoring/logging function calls of other processes. It also has a plug-in framework, so you could write your own hook handler. And it is open source (GPL).
Answer 2:
It's not Open Source, but other than that OllyDbg might be what you are looking for. Other useful tools and information can be found on www.openrce.org.
Answer 3:
It likely uses the debugging API and places debug hooks at key points in the application to trap events. You may even be able to do what you want using OllyDbg.
EDIT: I just looked at the site and saw the demonstration videos and I would say that they almost certainly do this through the debugging API. They likely place breakpoints in the target at the desired function entry points. When a trap event fires, it looks like they use an RPC call to notify the user of their API and allow them to look at what happened and potentially modify some things. Sending back what to do next also in an RPC call. A nice design, but just a glorified debugger.
Answer 4:
You can use Deviare from the same company that developed SpyStudio. It lets you hook COM interfaces. SpyStudio uses this API to monitor functions. It has a database of types that lets you get/set parameter values of any type.
Answer 5:
You can look at the Detours library from Microsoft Research. It's a generic API hooking library.
Source: https://stackoverflow.com/questions/299261/hook-processes
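Added example, not part of any answer above and not code from SpyStudio, Deviare or Detours: a breakpoint at a function entry (the mechanism Answer 3 describes) replaces the first byte with INT3 (0xCC), while inline hooking libraries such as Detours overwrite the entry with a jump, so both show up when the in-memory entry bytes are compared with a trusted copy. The function name `classify_entry`, the sample bytes and the addresses are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { ENTRY_CLEAN, ENTRY_INT3, ENTRY_JMP_REL32, ENTRY_MODIFIED } entry_state;

/* mem:    bytes read from the running process at the function entry.
 * ref:    the same bytes from a trusted copy of the module (assumption).
 * va:     address of the function in the process, used to resolve a jump.
 * target: receives the jump destination when ENTRY_JMP_REL32 is returned. */
entry_state classify_entry(const uint8_t *mem, const uint8_t *ref, size_t len,
                           uint64_t va, uint64_t *target)
{
    if (len == 0 || memcmp(mem, ref, len) == 0)
        return ENTRY_CLEAN;
    if (mem[0] == 0xCC)                 /* INT3: software breakpoint */
        return ENTRY_INT3;
    if (mem[0] == 0xE9 && len >= 5) {   /* JMP rel32: inline detour */
        uint32_t raw = (uint32_t)mem[1] | (uint32_t)mem[2] << 8 |
                       (uint32_t)mem[3] << 16 | (uint32_t)mem[4] << 24;
        /* The displacement is signed and relative to the next instruction. */
        *target = va + 5 + (uint64_t)(int64_t)(int32_t)raw;
        return ENTRY_JMP_REL32;
    }
    return ENTRY_MODIFIED;              /* changed, pattern not recognised */
}

/* Constructed sample bytes, not captured from a real process. */
static const uint8_t REF[8]  = {0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10};
static const uint8_t BP[8]   = {0xCC, 0xFF, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10};
static const uint8_t HOOK[8] = {0xE9, 0xFB, 0x0F, 0x00, 0x00, 0x83, 0xEC, 0x10};

int main(void)
{
    static const char *names[] = {"clean", "int3", "jmp rel32", "modified"};
    const uint8_t *samples[] = {REF, BP, HOOK};
    const uint64_t va = 0x10001000;     /* constructed entry address */

    for (size_t i = 0; i < 3; i++) {
        uint64_t target = 0;
        entry_state s = classify_entry(samples[i], REF, sizeof REF, va, &target);
        printf("sample %zu: %s", i, names[s]);
        if (s == ENTRY_JMP_REL32)
            printf(" -> 0x%llx", (unsigned long long)target);
        printf("\n");
    }
    return 0;
}
```

A resolved jump target that falls outside the module that owns the function is the detail worth following up, since it identifies which code receives the redirected calls.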