Home

Awesome

SafetyHook

SafetyHook is a C++23 procedure hooking library for Windows x86 and x86_64 systems. It aims to make runtime procedure hooking as safe as possible while maintaining simplicity of its implementation. To that end it currently does:

Installation

SafetyHook can be added via CMake's FetchContent, git submodules, or copied directly into your project using the amalgamated builds. SafetyHook requires Zydis to function.

Amalgamated builds

This is the easiest way to use safety hook. You can find amalgamated builds on the releases page. Simply download the ZIP file containing Zydis (or without Zydis if you already have it in your project) and copy the files into your project.

You may need to define ZYDIS_STATIC_BUILD if you're using the build with Zydis included.

CMake FetchContent

include(FetchContent)

# Safetyhook
FetchContent_Declare(
    safetyhook
    GIT_REPOSITORY "https://github.com/cursey/safetyhook.git"
    GIT_TAG "origin/main"
)
FetchContent_MakeAvailable(safetyhook)

If you want SafetyHook to fetch Zydis you must enable the CMake option -DSAFETYHOOK_FETCH_ZYDIS=ON.

Usage

#include <iostream>

#include <safetyhook.hpp>

__declspec(noinline) int add(int x, int y) {
    return x + y;
}

SafetyHookInline g_add_hook{};

int hook_add(int x, int y) {
    return g_add_hook.call<int>(x * 2, y * 2);
}

int main() {
    std::cout << "unhooked add(2, 3) = " << add(2, 3) << "\n";

    // Create a hook on add (This uses SafetyHook's easy API).
    g_add_hook = safetyhook::create_inline(reinterpret_cast<void*>(add), reinterpret_cast<void*>(hook_add));

    std::cout << "hooked add(3, 4) = " << add(3, 4) << "\n";

    g_add_hook = {};

    std::cout << "unhooked add(5, 6) = " << add(5, 6) << "\n";

    return 0;
}