xHook is a low-level instrumenter and hooking library for Android ELF binaries. It functions as a framework for intercepting native symbols and redirecting function calls by modifying the procedure linkage table. The tool utilizes regular expressions to filter specific binary files and symbols for interception. It enables the redirection of native calls toward custom function implementations without altering the original binary files. The framework covers dynamic symbol resolution, ELF table modification, and security analysis of native libraries. It also includes stability mechanisms that u
Geode is a game modification SDK and mod loader for Geometry Dash. It functions as a hooking engine and UI framework that allows for the injection of dynamic libraries to alter game behavior and add new features. The toolkit distinguishes itself through a centralized mod compatibility manager and hook registry that tracks active modifications to prevent logic conflicts and application crashes. It utilizes a trampoline-based hooking engine to redirect game function calls while preserving native call stacks, alongside a dedicated UI framework for rendering custom popups and interface components
ReZygisk is an Android root module framework and Zygote process injector. It functions as a native hooking engine and linker redirection tool designed to inject custom code into the Android Zygote process so that modifications are inherited by all spawned applications. The project provides a decoupled abstraction layer and Zygisk API implementation, allowing system modules to operate independently of specific root management tools. This ensures that root modules remain stable and compatible across various kernel-level rooting solutions. The framework includes capabilities for system process
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the