Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: C++ Windows API VC hooking
I am trying to write some codes for detecting the user-mode hooks. Would you please guide me through the steps and ways to detect hooks. Till now I have tried enumerating all the running processes and enumerating the modules for each of the process. I read somewhere to compare the in-memory modules and on-disk modules to check for the hooks and something related to the IAT too. I know my question is very vague but I am just a beginner in this field. Please help me out.
Posted 6-Nov-12 21:56pm
Edited 6-Nov-12 22:03pm
v2

1 solution

Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

There are no quick answers for this one.
 
I could post google links for you, but I'd bet that, you've been there, done that.
 
I'd start with getting a good understanding of how user hooks work.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 7,903
1 Sergey Alexandrovich Kryukov 7,142
2 DamithSL 5,604
3 Manas Bhardwaj 4,986
4 Maciej Los 4,820


Advertise | Privacy | Mobile
Web02 | 2.8.1411023.1 | Last Updated 7 Nov 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100