Click here to Skip to main content
Click here to Skip to main content

HookAPI source code

, 31 Jan 2005
Rate this:
Please Sign up or sign in to vote.
A system wide api source code for windows api hook developpers


HookAPI is the API SDK that sets up system wide hooks for all windows platforms. It could easily hook 32-bit windows system APIs or 32-bit user-defined DLL. It could be used easily and all you need to do is write a DLL file named mydll.dll or mydll_9x.dll. It is based on ApiSpy32 by Yariv Kaplan.

The code injects two DLLs into the destination application. The first DLL, HookAPIxx.dll, updates the API's first 5 bytes:

 papi[0] =0xE8;
 *(DWORD *)&papi[1] =(DWORD)ProcessCall -(DWORD)papi -CALL_BYTES_SIZE;

The nother DLL mydllxxx.dll, runs the new API instead of the old API, like this sample to hook the socket function:
int WINAPI mysocket(int af, int type, int protocol)
   WriteLog("debug mysocket, af=%d, type=%d, protocol=%d", af, type, protocol);

   return socket(af, type, protocol);

And HookAPIxx.dll hooks the CreateProcessW/CreateProcessA functions, so it can catch the creation of new processes and inject the two DLLs:

#ifdef WINNT
   if(!strcmp(pinfo->api_name, "CreateProcessW") || 
      !strcmp(pinfo->api_name, "CreateProcessA") )
      pi =(PROCESS_INFORMATION *)pdwParam[9];
          InjectLib(pi->hProcess, fname);  // hook new process<CODE>
</CODE>      }

If you want to use it, then load the first DLL HookAPIxx.dll. If it's an NT system(WinNT/XP/200x), you should call function HookAllProcess() in the DLL and call UnhookAllProcess when you exit. There are other functions in the DLL, like HookOneProcess, HookOneProcess2 to hook one application on NT system.

mydllxx.dll is loaded by HookAPIxx.dll when HookAPIxx.dll is initialized, and then makes the hook:

It includes the following parts:
  • HookAPI SDK full source codes
  • many examples source codes, such as;

  1. Hook socket functions like socket, send, recv, connect, ...

  2. Hook file functions like CreateFile, ReadFile, ...

  3. Hook registry functions like RegOpenKey, RegQueryValue, RegQueryValueEx, ...

  4. Delphi sample for Hook socket function

  5. Delphi sample for Hook file function

  6. Hook ExitWindowsEx

  7. Hook LoadLibrary and GetProcAddress

  8. Hook GDI functions like TextOut, ExtTextOut

  9. Hook Shell API function like SHBrowseForFolder, SHGetFileInfo, ...

  10. Hiden Processes sample, it can hide processes, task managers cannot find it

  11. Filter Advertisement bar sample, it can filter AD bar of IE or other network application, or filter the data from some ports of TCP/UDP

  12. Message Filter sample, it can filter some messages of the windows

  13. Execute file manager sample, it can forbide some files open, execute, and hidden some folders or files

  14. Net encrypt sample, it can encrypt all the application that wrriten with socket. With this, you will not need encrypt in your application.

  15. hook a ship game to auto drop bomb and auto elude bullet


This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


About the Author
Web Developer
China China
An old C programmer in China.

Comments and Discussions

GeneralMy vote of 4 PinprofessionalAmir Mohammad Nasrollahi9-Aug-13 20:57 
GeneralMy vote of 5 PinmemberHosam Ershedat15-Aug-10 10:11 
GeneralBSoD PinmemberRedZenBird21-Jul-08 6:37 
GeneralRe: BSoD PinmemberWizardtop30-Nov-08 22:42 
GeneralHook explorer.exe crash PinmemberMember 396937515-Jun-08 20:50 
QuestionHOOKAPI on WinCE 6.0 PinmemberStiven Wang20-Mar-08 16:56 
GeneralRe: HOOKAPI on WinCE 6.0 Pinmemberprogramsalon4-Apr-08 17:22 
GeneralHooking into an undocumented API Pinmemberrusty brooks16-Jan-08 7:35 
GeneralRe: Hooking into an undocumented API Pinmemberprogramsalon24-Feb-08 16:05 
GeneralFind window handle from TextOut functions Pinmemberrusty brooks15-Jan-08 12:32 
If I hook into one of the TextOut functions, there is a HDC passed, which is the DC that is having the text written to it.

Is there a reliable way to determine what the HWND that is being written to is?

I've tried a few things, namely hooking into GetDC and GetDCEx, so that whenever a DC is obtained for an HWND I can store it and retrieve it during the TextOut functions. This doesn't really seem to work for me, either I have some mistakes, or something. I'm not able to reliably figure out the proper HWND.
GeneralRe: Find window handle from TextOut functions Pinmemberprogramsalon24-Feb-08 16:06 
Generalwhen I hook same process for second time and close app window process also closed :( [modified] Pinmembertruestepper15-Jan-08 9:28 
GeneralRe: when I hook same process for second time and close app window process also closed :( Pinmemberprogramsalon24-Feb-08 16:22 
AnswerRe: when I hook same process for second time and close app window process also closed :( Pinmembertruestepper25-Feb-08 0:08 
GeneralHook socket example.. Pinmemberherlimam7-Jan-08 17:20 
GeneralRe: Hook socket example.. Pinmemberprogramsalon24-Feb-08 16:13 
GeneralHook a DLL PinmemberZorro937317-Jan-08 4:07 
QuestionHow to avoid the Anti-Virus Software? Pinmemberwangk070519-Dec-07 15:50 
GeneralRe: How to avoid the Anti-Virus Software? Pinmemberprogramsalon24-Feb-08 16:19 
GeneralIt supports Win9x/NT/XP/2003/Vista. Pinmemberalva.shi26-Nov-07 17:50 
GeneralRe: It supports Win9x/NT/XP/2003/Vista. Pinmemberprogramsalon28-Nov-07 16:48 
Generalvisual c++ 2005 Pinmemberchmouc219-Nov-07 8:39 
GeneralRe: visual c++ 2005 Pinmemberhnxthuyao19-Nov-07 18:04 
QuestionIt conflicts with Explorer.exe process sometimes Pinmemberwangk070514-Sep-07 20:37 
AnswerRe: It conflicts with Explorer.exe process sometimes Pinmemberprogramsalon16-Sep-07 8:13 
GeneralRe: It conflicts with Explorer.exe process sometimes PinmemberSloanCode14-Sep-08 13:29 
GeneralHook on Windows Vista Pinmemberalva.shi9-Sep-07 16:29 
GeneralRe: Hook on Windows Vista Pinmemberprogramsalon16-Sep-07 8:14 
GeneralRe: Hook on Windows Vista Pinmemberalva.shi22-Nov-07 20:46 
Generalto download the full lastest version Pinmemberprogramsalon10-Aug-07 18:20 
GeneralApplications not opening in Windows XP SP2. PinmemberAttVis16-Apr-07 1:20 
GeneralRe: Applications not opening in Windows XP SP2. Pinmemberwangk070519-Dec-07 16:03 
Generalcode Pinmemberxiyaa12-Mar-07 0:40 
QuestionAmd Environment Pinmemberyuchul520-Jan-07 22:22 
Generalto download new version Pinmemberprogramsalon28-Dec-06 2:46 
QuestionRe: to download new version Pinmemberzantoy5-Oct-07 0:45 
QuestionHookAPINT crashing IE , MSDEV, Adob photoshop etc...????? PinmemberRakesh R. Yadava8-Dec-06 4:35 
GeneralHyper Threading Environment Pinmembersneijder7-Dec-06 19:58 
GeneralTextOut hook API Pinmemberbiman ghpsh5-Dec-06 21:13 
Generalabout the bug Pinmemberprogramsalon30-Nov-06 18:25 
GeneralRe: about the bug Pinmemberwangk19831-Dec-06 0:16 
QuestionHow to fix the bug??? Pinmemberwangk198328-Nov-06 22:18 
QuestionFor whom wants to hook FILE OPERATION Pinmemberwangk198325-Nov-06 9:11 
QuestionRe: For whom wants to hook FILE OPERATION Pinmemberzantoy5-Oct-07 2:08 
GeneralHookOneProcess and HOOKREG don't work properly Pinmembertezm11-Aug-06 1:18 
GeneralRe: HookOneProcess and HOOKREG don't work properly Pinmemberprogramsalon30-Nov-06 18:30 
GeneralHelp on hooking 1 process only Pinmemberjefft26-Apr-06 5:11 
GeneralRe: Help on hooking 1 process only Pinmemberprogramsalon27-Jun-06 18:54 
GeneralZeesh Pinmembersdssd7-Apr-06 12:28 
GeneralRe: Zeesh Pinmemberprogramsalon27-Jun-06 18:57 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.150414.1 | Last Updated 31 Jan 2005
Article Copyright 2005 by
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid