MinHook is a Windows API hooking library originally written by Tsuda Kageyu.
It’s probably the best free WinAPI library out there which supports both x86 and x64.
But it’s not perfect, and didn’t completely fit my needs, so I created a fork on GitHub which addresses some of its limitations.
Below you’ll see how the fork improves upon the original MinHook library.
Added the ability to enable/disable multiple hooks in one go
This was the most critical limitation for me.
Enabling or disabling a hook is a very expensive operation. In order to safely enable/disable a hook, all the process’ threads must be suspended, and resumed after the trampoline is patched. With the original API you couldn’t avoid doing this for every hook you enable or disable.
The fork introduces new APIs for efficiently enabling/disabling multiple hooks in one go:
MH_QueueDisableHook multiple times, the hooks aren’t actually get enabled or disabled, but are merely flagged for the desired change. Then, when
MH_ApplyQueued is called, all the flagged hooks are enabled/disabled in one go. The process’ threads get suspended and resumed only once, instead of every time for each enabled or disabled hook.
Also, the MH_EnableHook and MH_DisableHook functions can now be called with the MH_ALL_HOOKS parameter, which will efficiently enable or disable all created hooks.
The result: toggling 100 hooks could take about 700 ms (almost one second!) with the old APIs, but takes only 6 ms with the new APIs. (source)
Fixed bugs and improved compatibility
In short: now it works with more functions, and will correctly fail if a function can’t be hooked (instead of corrupting other functions).
For more details see here.
Removed Boost dependency
This is not as critical as the previous limitations, but is definitely an improvement.
Get the latest code of the MinHook fork here.