Label: hook

Functions call interception via replacement of header bytes by JMP or CALL instructions

I was describing a method of functions call interception by means of an import table in one of my previous articles. This method is more universal, since it gives an opportunity to intercept almost any calls (please see the limitations list below). However, this one is more complicated, since header modification code needs disassembling skills

A hook on a function call via modifying an import table

There are situations in terms of large projects when it is necessary to correct the work of one or more third-party components (such as libraries as a part of an application). The source code is rarely available in these cases and we have to use hacker approaches. I am going to consider one of the