Why should you use SafetyHook ?
If you're a developer looking to dive into hooking, SafetyHook might just be the tool you need. In this tutorial, we'll walk through what SafetyHook is, how to install it, and how to use it in a simple project. By the end, you'll have a hooked function up and running with minimal effort !
What is SafetyHook ?
SafetyHook is a modern, C++23 based procedure hooking library designed for Windows. Procedure hooking allows you to intercept and modify the behavior of functions at runtime. What makes SafetyHook different from most hooking libs is its focus on safety and simplicity. Hooking can be risky or unnecessarily complex sometimes, potentially giving you headaches if not handled properly. SafetyHook mitigates these risks with features like:- Thread Safety: It pauses all other threads when creating or removing hooks to prevent race conditions.
- Instruction Pointer Correction: It adjusts the instruction pointers (IP) of affected threads to keep everything running smoothly.
- Relocation Handling: It fixes IP relative displacements (like lea rax, [rip + 0xCOFFEE]) and relative offsets (like jmp 0xDEADBEEF) in relocated instructions.
- Branch Management: It converts short branches to near branches and handles cases where branches land within the trampoline.
- User-Friendly API: Its design minimizes the chance of misuse, making it approachable even if you're new to hooking.
Installing SafetyHook
Before we hook anything, we need to get SafetyHook into our project. There are a few ways to do this, but we’ll cover the simplest method in just 3 steps.- Head to the
You must be registered for see links.
- Download the ZIP file and choose the one with Zydis included unless you already have Zydis in your project.
- Extract the ZIP and copy the files into your project directory (like deps/safetyhook folder).
Writing Your First Hook
Let’s create a simple program that hooks a basic addition function. We’ll double the inputs before passing them to the original function, just to see SafetyHook in action.1. Set Up Your Code
Create a new C++ file and include SafetyHook:
main.cpp:
#include <iostream>
#include "safetyhook/safetyhook.hpp"2. Define the Original Function
We’ll create a simple add function that we’ll hook later. The __declspec(noinline) ensures the compiler doesn’t inline it, making it hookable
main.cpp:
__declspec(noinline) int add(int x, int y) {
return x + y;
}3. Define the Hook Function
Next, we need a function to replace add. This hook will double the inputs and call the original function
main.cpp:
// Global hook object
SafetyHookInline g_add_hook{};
int hook_add(int x, int y) {
// Call the original with doubled values
return g_add_hook.call<int>(x * 2, y * 2);
}4. Hook it up
In main, we’ll set up the hook, test it, and then remove it:
main.cpp:
int main() {
// Test the unhooked function
std::cout << "unhooked add(2, 3) = " << add(2, 3) << "\n";
// Create the hook
g_add_hook = safetyhook::create_inline(reinterpret_cast<void*>(add), reinterpret_cast<void*>(hook_add));
// Test the hooked function
std::cout << "hooked add(3, 4) = " << add(3, 4) << "\n";
// Remove the hook by resetting the object
g_add_hook = {};
// Test the unhooked function again
std::cout << "unhooked add(5, 6) = " << add(5, 6) << "\n";
return 0;
}5. Build and run
Compile your code using C++23 (like MSVC with /std:c++23). Make sure SafetyHook and Zydis are properly linked. When you run it, you should see
console:
unhooked add(2, 3) = 5
hooked add(3, 4) = 14
unhooked add(5, 6) = 11Here’s what’s happening:
- First call: add(2, 3) runs normally, giving 5.
- Second call: add(3, 4) goes through hook_add, doubling the inputs to 6 and 8, so 6 + 8 = 14.
- Third call: The hook is removed, and add(5, 6) returns 11.
Next Steps
Now that you’ve got a basic hook working, try experimenting! Hook a function in a larger project, or explore SafetyHook’s advanced features like mid function hooking. Check out the
You must be registered for see links
for more examples and documentation.
Happy Hooking !
Last edited:
