awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

7 个仓库

Awesome GitHub RepositoriesFunction Hooking

The architectural process of wrapping existing functions to modify their behavior without altering the original implementation.

Distinct from Function Hooking: Candidates are too specific to game engines or OS library hooking; a general architectural tag is needed.

Explore 7 awesome GitHub repositories matching software engineering & architecture · Function Hooking. Refine with filters or upvote what's useful.

Awesome Function Hooking GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • flightjs/flightF

    flightjs/flight

    6,493在 GitHub 上查看↗

    Flight is a JavaScript component framework and DOM interactivity library used to map behavioral logic to HTML nodes. It provides an event-driven architecture for building modular user interface elements and managing web application interactivity. The library distinguishes itself through a mixin-based system for injecting reusable functions and properties into components, promoting code reuse without rigid inheritance. It further enables behavior modification via function hooking, allowing developers to wrap existing methods to inject custom logic without altering the original source code. Th

    Allows developers to wrap existing methods with hooks to inject custom logic without altering original source code.

    JavaScript
    在 GitHub 上查看↗6,493
  • fluxionnetwork/fluxionFluxionNetwork 的头像

    FluxionNetwork/fluxion

    5,776在 GitHub 上查看↗

    Fluxion is a wireless security auditing framework that tests WPA/WPA2 networks by capturing handshakes and deploying rogue access points with captive portals. It operates by deauthenticating clients from legitimate access points, forcing them to reconnect to a cloned network where a fake authentication page collects the network passphrase. The tool distinguishes itself through a plugin-based attack lifecycle with mandatory hook functions for consistent execution, multilingual metadata scripts that load attack descriptions based on locale, and a handshake verification pipeline that validates c

    Defines mandatory and optional hook functions for attack lifecycle management.

    HTML
    在 GitHub 上查看↗5,776
  • darthton/blackboneDarthTon 的头像

    DarthTon/Blackbone

    5,431在 GitHub 上查看↗

    Blackbone 是一套专门用于内存扫描、进程注入和内核驱动接口的工具集合,用于操纵 Windows 执行环境。它提供了一个用于执行远程代码、映射可执行映像以及跨不同进程边界管理线程的框架。 该项目包含一个内核内存驱动程序,用于访问内核内存并修改句柄权限,从而在用户模式检测中隐藏分配。它还具有一个库,用于使用软件中断和硬件断点拦截远程进程中的函数调用。 该工具包涵盖了虚拟内存操作的更广泛功能,例如在本地或远程进程中读取、写入和分配内存。它还提供了用于定位特定字节序列的内存模式搜索实用程序,以及用于注入或卸载二进制文件的模块管理功能。

    Provides a library for intercepting function calls in remote processes using software interrupts and hardware breakpoints.

    C++
    在 GitHub 上查看↗5,431
  • theos/theostheos 的头像

    theos/theos

    4,867在 GitHub 上查看↗

    Theos 是一个跨平台移动开发工具链和构建系统,专为编译和打包移动操作系统软件而设计。它作为一个系统调整套件和运行时 Hook 框架,允许开发者创建修改,以改变移动 OS 环境的内部行为。 该项目通过提供专门的预处理器语法脱颖而出,该语法生成低级 API 调用,消除了函数和方法 Hook 通常所需的样板代码。它支持动态运行时方法交换(Method Swizzling)和类扩展,允许开发者拦截现有的系统方法并用自定义实现替换它们,同时保持调用原始功能的能力。 该工具链涵盖了广泛的功能,包括针对各种处理器和模拟器的多架构构建编排,以及生成 deb、ipa、pkg 和 rpm 等多种格式的安装包。它包括通过编译时路径解析和库链接调整对无根(Rootless)环境开发的专门支持。 构建系统通过 Makefile 管理,并支持各种项目脚手架模板以自动化初始开发设置。

    Wraps existing functions to modify their behavior using automated backend generators.

    Makefilebuild-systemioslinux
    在 GitHub 上查看↗4,867
  • jmpews/dobbyjmpews 的头像

    jmpews/Dobby

    4,754在 GitHub 上查看↗

    Dobby 是一个动态函数 Hook 框架和二进制插桩工具,旨在拦截和重定向编译二进制文件中的函数调用。它是一个跨平台、跨架构的库,为在不同操作系统和 CPU 架构上修改程序执行流提供了统一的接口。 该库通过向运行中的进程注入自定义处理程序,实现底层二进制插桩和运行时应用插桩。它常用于软件逆向工程,通过 Hook 内部函数来观察实时数据流和逻辑。 该框架涵盖了二进制补丁、运行时符号解析以及动态蹦床(trampoline)生成。它管理特定平台的内存保护,并将通用的 Hook 请求映射为特定架构的操作码,通过基于指令的 Hook 来重定向执行。

    Provides a framework for intercepting and redirecting function calls in running programs to modify behavior.

    C++hookhook-framework
    在 GitHub 上查看↗4,754
  • hyperdbg/hyperdbgHyperDbg 的头像

    HyperDbg/HyperDbg

    3,885在 GitHub 上查看↗

    HyperDbg is a hardware-assisted kernel-mode debugging platform that leverages virtualization to monitor and control system execution. By utilizing hypervisor-level primitives, it enables deep system analysis and instrumentation without relying on standard operating system debugging interfaces. The framework provides a comprehensive environment for inspecting both kernel and user-mode processes, allowing for granular control over execution flow and system state. The project distinguishes itself through a transparent debugging layer designed to remain invisible to the target environment. It emp

    Intercepts calls to specific kernel or user functions to monitor behavior, modify arguments, or redirect execution flow.

    Cbinary-analysisdebugdebugger
    在 GitHub 上查看↗3,885
  • acidanthera/liluacidanthera 的头像

    acidanthera/Lilu

    3,845在 GitHub 上查看↗

    Lilu is a kernel patching engine and runtime code injection framework designed to modify kernel drivers and libraries in memory. It functions as an operating system customization framework that intercepts function calls and redirects execution flow within the kernel to resolve hardware compatibility issues and adjust system stability. The project employs a modular platform that allows for the injection of code and the modification of system libraries during the boot process without altering files on disk. It utilizes a plugin-based extension architecture and a standardized API interface to lo

    Intercepts system calls and function executions to redirect control flow to custom handler logic.

    C
    在 GitHub 上查看↗3,845
  1. Home
  2. Software Engineering & Architecture
  3. Function Hooking

探索子标签

  • Attack Hook DefinitionsDefines four mandatory hooks for preparing, starting, stopping, and cleaning up an attack, plus optional hooks for interface targeting and state persistence. **Distinct from Function Hooking:** Distinct from Function Hooking: specifically defines hooks for attack lifecycle management, not general function interception.
  • Attack Lifecycle HooksDefines four mandatory hook functions to prepare, start, stop, and clean up a background attack process. **Distinct from Function Hooking:** Distinct from Function Hooking: specifically defines lifecycle hooks for attack modules, not general function interception.
  • ExternalTechniques for replacing function calls or memory addresses with custom logic to modify program behavior during analysis. **Distinct from Function Hooking:** Distinct from general architectural function hooking: focuses specifically on external interposition for binary analysis and bypasses.
  • Hook OverwritingTechniques for modifying critical pointers to redirect execution flow to arbitrary code or gadgets. **Distinct from Function Hooking:** Distinct from general function hooking: focuses on the specific act of overwriting hooks for shell access.
  • Interrupt-Based HooksFunction hooks that utilize software interrupts to redirect execution flow. **Distinct from Function Hooking:** Specific to the use of software interrupts for interception, unlike general architectural function wrapping.
  • Remote Process HookingIntercepting and redirecting function calls within the address space of a separate process. **Distinct from Function Hooking:** Distinct from general Function Hooking: specifically targets the manipulation of a foreign process's execution flow, not the local process.
  • Stealthy Hook ImplementationsMechanisms for intercepting function calls using hidden hooks that remain invisible to the operating system. **Distinct from Function Hooking:** Distinct from Function Hooking: focuses on the stealth and invisibility of the hooks, not just the architectural act of interposition.