HookDump is a tool for security product hook detection.
Building Source
Notes
Hook Types Detected
JMP
A jump instruction has been patched into the function to redirect execution flow
WOW
Detection of the WOW64 syscall stub being hooked, which allows filtering of all system calls
EAT
The address in the export address table does not match the address in the export address table in the copy on disc
GPA
GetProcAddress hook, an experimental feature, this is only output in verbose mode, when the result of GetProcAddress does not match the manually resolved function address. YYMV with this and some care should be taken to verify the results.
Verification
The only way to truly verify the correct working of the program is to check in a debugger if hooks are present. If you are getting a zero hooks result and are expecting to see something different, then first verify this in a debugger and please get in touch.
Pip is the official package manager for Python and the standard way to install libraries from…
R is an open-source programming language and environment built for statistical computing and data visualization. It…
Jenkins is an open-source automation server that makes it easy to build CI/CD pipelines. Continuous integration…
Android Studio is the official IDE for Android development, built on JetBrains' IntelliJ IDEA platform. It…
GitLab is a web-based, open-source Git repository manager written in Ruby. It includes built-in tools for…
Anaconda is the most widely used Python distribution for data science and machine learning. It bundles…