SkillAgentSearch skills...

PolyHook

x86/x64 C++ Hooking Library

GenerateConvertImprove

Install / Use

/learn @stevemk14ebr/PolyHook
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

PolyHook - x86/x64 Hooking Library

Provides abstract C++ 11 interface for various hooking methods

Technical Writeup: https://www.codeproject.com/articles/1100579/polyhook-the-cplusplus-x-x-hooking-library

OUTDATED

Please use V2: https://github.com/stevemk14ebr/PolyHook_2_0. Consider sponsoring my development by clicking sponsor up in the top right!

Hooking Methods*:

  1. Detour
  • Description: Modifies opcode to jmp to hook and allocates a trampoline for jmp back
  • Length Disassembler Support (Capstone)
  • Supports Code Relocation, including EIP/RIP relative instructions
  1. Virtual Function Detour :
  • Description: Detours the function pointed to by the Vtable
  1. Virtual Function Pointer Swap
  • Description: Swaps the pointer in the Vtable to your hook
  1. Virtual Table Pointer Swap
  • Description: Swaps the Vtable pointer after copying pointers in source Vtable, then swaps virtual function pointer in the new copy
  1. Import Address Table
  • Description: Swaps pointer in the import address table to the hook
  1. VEH

  • Description: Intercepts an exception generated on purpose, sets instruction pointer to handler, then resets exception generating mechanism

  • Methods to generate exception: INT3 Breakpoints, Guard Page violations.

  • Note: it is important to call the GetProtectionObject function INSIDE of your callback as per my example for all VEH hooks

  • Other exception generation methods are in development

  • All methods support x86 and x64

  • Relies on modified capstone branch https://github.com/stevemk14ebr/capstone

  • More Information can be found at the wiki to the right

Credits to DarthTon, evolution536, Dogmatt

Samples:

The file Tests.cpp provides examples for every type of hooking method. Accompanied with these examples is unit testing code provided by the fantastic library Catch (https://github.com/philsquared/Catch/blob/master/docs/tutorial.md). With the addition of this code the example may look a little complex, the general interface is extremely simple, all hook types expose setup, hook, and unhook methods:

std::shared_ptr<PLH::Detour> Detour_Ex(new PLH::Detour);
Detour_Ex->SetupHook((BYTE*)&MessageBoxA,(BYTE*) &hkMessageBoxA); //can cast to byte* to
Detour_Ex->Hook();
oMessageBoxA = Detour_Ex->GetOriginal<tMessageBoxA>();
Detour_Ex->UnHook();

LICENSE:

MIT

Related Skills

node-connect

338.7k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

83.6k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

openai-whisper-api

338.7k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

commit-push-pr

83.6k

Commit, push, and open a PR

stevemk14ebr

View profile

View on GitHub
GitHub Stars929
CategoryDevelopment
Updated3d ago
Forks176
stevemk14ebr/PolyHook

Languages

C++

Security Score

95/100

Audited on Mar 24, 2026

No findings