Win32 CodeHook - an open source library for binary code hook and redirect for Win32 Delphi and C++.It supports some useful features to make code hooking a piece of cake.
It's free and open source. The license is MPL.
Current version is 1.0.0.
A slight update version on Jan.7, 2012, thanks to suggestions from Magno http://code.google.com/p/emballo/.
Add overflow check off to codehook.pas
Added a modified version DisAsm32 which works with Unicode version.
Features and advantages
1, Can hook function that starts with jump instructions.Most other simple API/code hook technic can not hook functions that first several instructions include jump instructions such like jmp, jcc (jump if condition is met), call, jecxz, etc.
CodeHook can rewrite those instructions in a safe way and continue hooking.
The only instructions that can prevent CodeHook from hooking are ret and iret, which indicate the function end is met and the function is too short to hook.
2, Very easily to use.CodeHook not only supports raw mode code hooking, it also supports advanced hooking.
CodeHook can generate "bridge code" that connects your hook code to the target code.
Thus you only need to writer hook code in a unique form (unique prototype functions) rather than writting different hook code for different target.
The typical hook prototype is,
Delphi syntax: function HookCallback(AHandle: TCodeHookHandle; AParams: PCodeHookParamAccessor): Cardinal; CallingConvertion;
C++ syntax: DWORD CallingConvertion HookCallback(TCodeHookHandle AHandle, PDWORD AParams);
This feature makes it possible to use one hook function to hook multiple functions. See the Delphi sample code. And this is how I do in the new Denomo package.
And even better, both of the hook and target functions can have various calling conventions. The calling conventions now supported are stdcall (used by Windows APIs), cdecl (used by C), and register call (used by Delphi).
3, Very flexible.CodeHook separates your hook function from the target function. Your hook function can fully replace the target function, or call old target function in the hook function in any time you want.
And even more flexible, you can easily modify the parameters before passing them to the old target function.
4, Can be used by any program language which can use a DLL.Though CodeHook is written in Delphi, the CHook.dll can be used by any other languages such like C++. In fact CodeHook has sample code that written in Delphi and C++. The sample C++ code can be compiled by VC6 and Borland C++ 5.5 or C++ Builder (BCB).
5, Free and open source.The license is MPL.
6, More feature will come soon.CodeHook was made to use in Denomo (a memory leak detection tool), so it now only supports in-process hooking. But inter-process hooking and DLL injection will be added in the near future versions.
CodeHook itself has been verified that it can be compiled by Delphi 7 and Delphi 2007. It should but not must be able to be compiled by Delphi 6, Delphi 2005, and Delphi 2006.
CHook.dll can be used by any language that supports DLL, pointer, and data structure.