The problem with connecting NT DLL files!

Question

The problem with connecting NT DLL files!

What is the best tool to track NT API.

+3

file-io kernel hook

kiddo Jul 16 '10 at 11:51

source share

3 answers

Microsoft Detours can help you do this, and it's free.

+1

Chris o Jul 24 '10 at 19:10

source share

I don't know if this is on the beam, but try this for Win32. For the Native API, I think that only about 20% of this document is documented.

Win32 API Monitor

0

scope_creep Jul 22 '10 at 21:59

source share

Mike · Accepted Answer · 2010-07-23T17:28:29+0000

If you are in the desired process, you can redirect the IAT (import address table) for the DLL that you want to control. If you are not already running executable code, you will also need to find a way to load the code into the desired process.

The problem with connecting NT DLL files!

More articles: