Question

Can anyone tell me how to check for inline function hooking? I installed the famous rootkit Hacker Defender. It uses the inline function hooking technique. But when I check the first 5 bytes of the function in the Windows API, I can't see the opcode for a jump instruction. How can I detect whether or not a function is hooked? Thanks.

No correct solution

OTHER TIPS

Rootkit Unhooker can detect inline hooking.

GMER also does that according to its specifications.
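One way to approach the check asked about in the question, as an added example that is not part of the original posts and is not code from Rootkit Unhooker or GMER: instead of looking only for a jump opcode in the first five bytes, compare the in-memory prologue with a clean reference copy and classify whatever differs. It goes beyond the question's single case to several x86 redirect encodings; the function names, enum values and sample bytes are constructed for illustration, and obtaining the reference bytes (the same function read from the on-disk DLL, with relocations applied) is assumed to happen elsewhere.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Redirect encodings often written over an x86 function prologue. */
enum hook_kind { HOOK_NONE, HOOK_JMP_REL32, HOOK_JMP_REL8, HOOK_JMP_INDIRECT,
                 HOOK_PUSH_RET, HOOK_MOV_JMP_EAX, HOOK_MODIFIED_OTHER };

/* Classify the bytes at p (n available) as a control-flow redirect, if any. */
static enum hook_kind classify(const uint8_t *p, size_t n) {
    if (n >= 5 && p[0] == 0xE9) return HOOK_JMP_REL32;      /* jmp rel32 */
    if (n >= 2 && p[0] == 0xEB) return HOOK_JMP_REL8;       /* jmp rel8 */
    if (n >= 6 && p[0] == 0xFF && p[1] == 0x25)
        return HOOK_JMP_INDIRECT;                           /* jmp [mem] */
    if (n >= 6 && p[0] == 0x68 && p[5] == 0xC3)
        return HOOK_PUSH_RET;                               /* push imm32; ret */
    if (n >= 7 && p[0] == 0xB8 && p[5] == 0xFF && p[6] == 0xE0)
        return HOOK_MOV_JMP_EAX;                            /* mov eax,imm32; jmp eax */
    return HOOK_NONE;
}

/* Compare live bytes with a clean reference (assumed: same function read
 * from the on-disk DLL, relocations applied). On a mismatch, *off gets the
 * first differing offset and the bytes found there are classified. */
enum hook_kind check_prologue(const uint8_t *live, const uint8_t *clean,
                              size_t n, size_t *off) {
    size_t i = 0;
    while (i < n && live[i] == clean[i]) i++;
    if (i == n) return HOOK_NONE;            /* byte-identical: no patch seen */
    *off = i;
    enum hook_kind k = classify(live + i, n - i);
    return k == HOOK_NONE ? HOOK_MODIFIED_OTHER : k;
}

/* Constructed sample bytes, not taken from any real DLL or rootkit. */
static const uint8_t CLEAN[10] =        /* mov edi,edi; push ebp; mov ebp,esp; ... */
    {0x8B,0xFF,0x55,0x8B,0xEC,0x83,0xEC,0x10,0x53,0x56};
static const uint8_t PATCHED_AT_2[10] = /* jmp rel32 written after mov edi,edi */
    {0x8B,0xFF,0xE9,0x10,0x20,0x30,0x40,0x10,0x53,0x56};

int main(void) {
    size_t off = 0;
    enum hook_kind k = check_prologue(PATCHED_AT_2, CLEAN, sizeof CLEAN, &off);
    printf("kind=%d offset=%zu\n", (int)k, off);
    return 0;
}
```

Any mismatch is reported even when it matches none of the listed encodings (`HOOK_MODIFIED_OTHER`), so the byte comparison, not the opcode list, is what decides whether the prologue was altered.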

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow