search

lowleveldesign / detours-win32metadata

This repository contains code to build Win32 API surface of the Detours library to be consumed by .NET projects.
MIT License
7 stars 1 forks source link

readme

Detours.Win32Metadata

This project contains code to build and publish the Detours.Win32Metadata nuget package. The package wraps the Detours library into a winmd (Windows metadata) file. If you combine it with Microsoft.Windows.CsWin32, it will allow you to generate signatures (PInvokes) to easily use Detours functions in your executable/library.

Who is it for

You may profit from this package if you plan to use the Detours library in your project, for example, to implement a hook on a native function or to inject a DLL into a remote process.

How to use it

  1. Install the required Nuget packages:
  1. Create a NativeMethods.txt file in the root folder of your project and list native functions and structures (including the one from Detours) you plan to use, for example:
// Windows
CreateProcess
OpenProcess
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
ReadProcessMemory

WIN32_ERROR
NTSTATUS

// Detours
DetourCreateProcessWithDllsW

Please also check the cswin32 project README file for other configuration options of the PInvoke generators.

  1. You are ready to use the native functions in your code :)

Please check a blog post on my blog where I present how to create a native function hook using Detours.Win32Metadata. My other project, withdll, also uses this package to start a new process with an injected DLL.