I am trying to write some code for detecting user-mode hooks. Would you please guide me through the steps and ways to detect hooks? Till now I have tried enumerating all the running processes and enumerating the modules for each of the processes. I read somewhere to compare the in-memory modules and on-disk modules to check for the hooks, and something related to the IAT too. I know my question is very vague, but I am just a beginner in this field. Please help me out.
Posted 6 Nov '12 - 20:56
Edited 6 Nov '12 - 21:03


1 solution

There are no quick answers for this one.
 
I could post Google links for you, but I'd bet that you've been there, done that.
 
I'd start with getting a good understanding of how user hooks work.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
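The comparison the question mentions (in-memory module bytes against the on-disk copy), shown as an added example that is not part of the original thread: it checks one function's entry bytes and names two common detour encodings. It assumes x86-64 code and that the caller has already read the same function's first bytes from the file and from the loaded module; every name and all sample bytes below are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Entry patches this example recognises (x86-64 encodings). */
enum hook_kind { HOOK_NONE, HOOK_JMP_REL32, HOOK_MOV_JMP_RAX, HOOK_OTHER_PATCH };

struct hook_report {
    enum hook_kind kind;
    uint64_t target;          /* decoded jump destination, 0 if not decoded */
};

/* Read an n-byte little-endian integer. */
static uint64_t rd_le(const uint8_t *p, int n)
{
    uint64_t v = 0;
    for (int i = n - 1; i >= 0; i--)
        v = (v << 8) | p[i];
    return v;
}

/* disk/mem: first n bytes of one function, from the file on disk and from
 * the loaded module; va: the function's address inside the process. */
struct hook_report check_prologue(const uint8_t *disk, const uint8_t *mem,
                                  size_t n, uint64_t va)
{
    struct hook_report r = { HOOK_NONE, 0 };
    if (n == 0 || memcmp(disk, mem, n) == 0)
        return r;                               /* both copies match */
    r.kind = HOOK_OTHER_PATCH;                  /* differs, pattern not named */
    if (n >= 5 && mem[0] == 0xE9) {             /* jmp rel32 */
        r.kind = HOOK_JMP_REL32;                /* relative to next instruction */
        r.target = va + 5 + (uint64_t)(int64_t)(int32_t)rd_le(mem + 1, 4);
    } else if (n >= 12 && mem[0] == 0x48 && mem[1] == 0xB8 &&
               mem[10] == 0xFF && mem[11] == 0xE0) { /* mov rax, imm64; jmp rax */
        r.kind = HOOK_MOV_JMP_RAX;
        r.target = rd_le(mem + 2, 8);
    }
    return r;
}

/* Constructed sample bytes (not taken from any real module). */
const uint8_t DISK[12]     = {0x48,0x89,0x5C,0x24,0x08,0x57,0x48,0x83,0xEC,0x20,0x48,0x8B};
const uint8_t MEM_JMP[12]  = {0xE9,0xFB,0xEF,0xFF,0xFF,0x57,0x48,0x83,0xEC,0x20,0x48,0x8B};
const uint8_t MEM_MOV[12]  = {0x48,0xB8,0x88,0x77,0x66,0x55,0x44,0x33,0x22,0x11,0xFF,0xE0};
const uint8_t MEM_INT3[12] = {0xCC,0x89,0x5C,0x24,0x08,0x57,0x48,0x83,0xEC,0x20,0x48,0x8B};
```

Bytes that legitimately differ between disk and memory, such as addresses fixed up by base relocations, have to be excluded before a mismatch is treated as a hook. A decoded target that lands outside the module that owns the function is the part worth investigating.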
