Code
iat-hooking-revisited
Import address table (IAT) hooking is a well documented technique for intercepting calls to imported functions. However, most methods rely on suspicious API functions and leave several easy to identify artifacts. This paper explores different ways IAT hooking can be employed while circumventing common detection mechanisms.
Project Information
The project was created on Aug 2, 2011.
- License: GNU Lesser GPL
- 3 stars
- svn-based source control
Labels:
Hacking
Security
Hooking
Interception
Debugging
API
Windows
Assembly
x86