WinAppDbg helper script to catch API calls


------------- is an API call hooking tool based on WinAppDbg for the Windows
platform. It is derived from a script written by Michael Ligh published in the
Malware Analyst's Cookbook [1].


Catching data

I had some trouble getting the data from an API call and it required several
tries to get it working. Thus, the script is a mess. However, the hooked
send() API call serves as an example, but please note that this still requires
a cleanup.


The script is not finished yet, but might serve as a template for API hooking tests.


Since the original script is published under the GNU General Public
License >= Version 3, this script is, too.