监视进程 WinAPIOverride
监视进程 WinAPIOverride安装教程
允许您监视任何进程 对API函数或可执行的内部函数 ,进行检测处理过程
This software allows you to monitor and/or override any function of a process. This can be done for API functions or executable internal functions.
WinAPIOverride is more than a standard API monitoring software. It can break targeted application before or after a function call, allowing memory or registers changes; and it can directly call fun>
ctions of the targeted application.
·x 64 监测和重写为 COM API 和。NET。·x 64 详细的异常报告用于监视功能。·x 64 挂钩的进程交互。·x 64 远程调用内部挂钩的进程。·计时图表和详细的统计信息。·交叉供 vista 和七届互动 (服务和其他用户进程)。·自动堆栈遍历异常,即使对于其他日志禁用的堆栈行走。·Microsoft 调试符号服务器可以用于堆栈行走。·快速。Net 框架监测更改稳定性更好。·Borland 快速调用调用约定 (86) 的支持。·
Main differences between other API monitoring softwares :
You can define filters on parameters or function result
You can define filters on dll to discard calls from windows system dll
You can hook functions inside the target process not only API
You can hook asm functions with parameters passed through registers
You can hook hardware and software exceptions
Double and float results are logged
You can easily override any API or any process internal function
You can break process before or/and after function call to change memory or registers
You can call functions which are inside the remote processes
Can hook COM OLE and ActiveS interfaces
User types (enum, struct and union) and user defines are supported
All is is done like modules : you can log or override independently for any function
A library is provided for developpers who intend to build their one hooking software
