PSDetour
Windows Detour Hooking in PowerShell
MIT License
Bot releases are hidden (Show)
What's Changed
- Fix up Trace-PSDetourProcess with Function based scriptblocks by @jborean93 in https://github.com/jborean93/PSDetour/pull/11
v0.4.1 - 2023-08-03
- Allow using a scriptblock backed by a
FunctionDefinitionAst(${Function:Func-Name}) for hooks provided toTrace-PSDetourProcess
Full Changelog: https://github.com/jborean93/PSDetour/compare/v0.4.0...v0.4.1
Published by jborean93 about 1 year ago
What's Changed
- Improve trace command helpers by @jborean93 in https://github.com/jborean93/PSDetour/pull/10
v0.4.0 - 2023-08-03
- Automatically define
-FunctionsToDefinein the hooks being run withTrace-PSDetourProcess, no need to call$this.State.GetFunction('Name')to redefine it-
$this.State.GetFunctionhas been removed and will no longer work
-
- Ensure the scriptblocks used with
Trace-PSDetourProcesskeep the original stacktrace locations for better debugging
Full Changelog: https://github.com/jborean93/PSDetour/compare/v0.3.1...v0.4.0
Published by jborean93 about 1 year ago
What's Changed
- Update build scripts by @jborean93 in https://github.com/jborean93/PSDetour/pull/8
- Add lock for trace output pipe by @jborean93 in https://github.com/jborean93/PSDetour/pull/9
v0.3.1 - 2023-07-25
- Added lock for
Trace-PSDetourProcessoutput pipe to avoid multiple threads clobbering the serialized output
Full Changelog: https://github.com/jborean93/PSDetour/compare/v0.3.0...v0.3.1
Published by jborean93 over 1 year ago
What's Changed
- Add Trace-PSDetourProcess and store detoured info by @jborean93 in https://github.com/jborean93/PSDetour/pull/6
- Prepare for v0.3.0 release by @jborean93 in https://github.com/jborean93/PSDetour/pull/7
v0.3.0 - 2023-06-13
- Added
Trace-PSDetourProcessto make it easier to start hooks for auditing in other processes- This provides a common mechanism that can be used to output data from a remote hook as well as wait for input data in the hook itself
- Provides a
DetouredModulesproperty in the hooks$thisvariable- This provides access to other detoured method's InvokeContext allowing the hook to call the underlying API
- Remove separate parameter sets for
New-PSDetourHook- A breaking change is that
DllNameandMethodNamemust be specified withAddressnow
- A breaking change is that
- Added option
-AddressIsOffsetto specify-Addressis located at the offset of the-DllNamewhen loaded in the process
Full Changelog: https://github.com/jborean93/PSDetour/compare/v0.2.0...v0.3.0
Published by jborean93 over 1 year ago
What's Changed
- Update CI action versions by @jborean93 in https://github.com/jborean93/PSDetour/pull/3
- Add hook by address to New-PSDetourHook by @jborean93 in https://github.com/jborean93/PSDetour/pull/5
Full Changelog: https://github.com/jborean93/PSDetour/compare/v0.1.1...v0.2.0
Published by jborean93 almost 2 years ago
What's Changed
- Remove stray Console.WriteLine by @jborean93 in https://github.com/jborean93/PSDetour/pull/2
Full Changelog: https://github.com/jborean93/PSDetour/compare/v0.1.0...v0.1.1
