Microsoft Research Detours

Microsoft Research Detours

Microsoft Research Detours is a software package that enables you to intercept and modify functions in Windows applications by intercepting Win32 functions. It works by allowing developers to add instrumentation code to any binary without modifying the source code.
Development Debugging Tools
Microsoft Research Detours image
interception instrumentation win32-api-hooking
Microsoft Research Detours alternatives ➤

Microsoft Research Detours: Intercept and Modify Win32 Functions

A software package that enables interception and modification of functions in Windows applications by adding instrumentation code to any binary without modifying the source code.

What is Microsoft Research Detours?

Microsoft Research Detours is an open source library that provides API interception capabilities for developers on the Windows platform. It allows developers to intercept API calls made by existing compiled applications and inject custom code into the flow of execution.

The key capability Detours provides is the ability to modify the behavior of a Windows application without having access to its source code. It works by intercepting function calls at the binary level as they are invoked by the Windows loader. Developers can register callback functions that get executed before, after, or instead of the actual target functions.

This makes Detours highly useful for debugging, profiling performance, adding instrumentation, implementing patches, experimenting with apis, and numerous other use cases where you need to modify or extend a compiled Windows application. It is provided as a C++ library with a DLL import.

Some of the key uses of the Detours library include: performance profiling, debugging extensions, interoperability shims, security mitigations, application compatibility fixes, prototyping features, reverse engineering, and learning how apis work. It has been widely used within Microsoft as well.

Overall, Detours provides extremely valuable capabilities to intercept and modify native API calls in already-compiled Windows applications. It enables scenarios that would be difficult or impossible otherwise without access to source code.

Microsoft Research Detours Features

Features

  1. Function interception
  2. Binary instrumentation without source code modification
  3. Works on Windows applications using Win32 API functions
  4. Can intercept both imported and non-imported functions
  5. Supports x86 and x64 architectures

Pricing

  • Open Source

Pros

Allows modifying application behavior without access to source code

Useful for debugging, profiling, etc without recompiling

Lightweight and fast compared to other instrumentation tools

Open source and free to use

Cons

Only works on Windows platforms

Can cause stability issues if not used properly

Requires understanding of target binary to intercept right functions

Extra overhead compared to no instrumentation

Official Links

Official Website
https://www.microsoft.com/en-us/research/projec...

The Best Microsoft Research Detours Alternatives

Top Development and Debugging Tools and other similar apps like Microsoft Research Detours

Here are some alternatives to Microsoft Research Detours:

EasyHook icon
EasyHook
Deviare In-Process icon
Deviare In-Process
MadCodeHook icon
madCodeHook
HookInjEx icon
HookInjEx
Mhook icon
Mhook
Deviare API Hook icon
Deviare API Hook
Suggest an alternative ❐

EasyHook icon

EasyHook

EasyHook is an open-source library that enables you to intercept functions, methods, events and more in managed applications on Windows and Linux. It works by hooking into the operating system's underlying mechanisms for redirecting execution flows.Some key features and uses of EasyHook include:Intercepting and modifying the behavior of functions and...
EasyHook image
Deviare In-Process icon

Deviare In-Process

Deviare In-Process is a powerful developer tool for Windows that enables hooking, intercepting API calls, spying variables and debugging other processes. It works by injecting DLLs into the target process and using a range of techniques to monitor, analyze and manipulate its behavior.Some key features of Deviare In-Process include:API hooking...
Deviare In-Process image
MadCodeHook icon

MadCodeHook

madCodeHook is a next-generation integrated development environment (IDE) designed to accelerate software development with machine learning and artificial intelligence features. It works as a smart add-on to traditional IDEs like Visual Studio Code and IntelliJ IDEA.Developers can benefit from madCodeHook's AI-powered code completion, bug catching, and recommendations to write better...
MadCodeHook image
HookInjEx icon

HookInjEx

HookInjEx is an open-source DLL injection tool for Windows. It allows injecting DLLs into running processes on Windows systems in order to run arbitrary code in the context of those processes. HookInjEx utilizes various DLL injection techniques like AppInit DLLs, SetWindowsHookEx hooks, etc. to achieve injection.The key features of HookInjEx...
HookInjEx image
Mhook icon

Mhook

Mhook is an open-source, self-hosted web hooks server and API request bin. It is designed to help developers test, build, and analyze inbound web hooks, API calls, and other types of HTTP requests.Key features of Mhook include:Easy setup - Mhook can be deployed on any Node.js environment with a MongoDB...
Mhook image
Deviare API Hook icon

Deviare API Hook

Deviare API Hook is an open-source Windows API hooking library that provides developers with the ability to intercept calls to API functions, modify function parameters and return values on-the-fly. It works by inserting hooks into running processes and DLLs without the need to modify original code.Some key features of Deviare...
Deviare API Hook image