Is there a method to detect what APIs are being called? Say I wanted to detect any application that uses the ReadProcessMemory API for instance. How doable is this in C#?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is there a method to detect what APIs are being called? Say I wanted to detect any application that uses the ReadProcessMemory API for instance. How doable is this in C#?
You can use EasyHook to hook system function calls and record them in a database of some sort. It’s not for the faint of heart, however, and you need to be very performance conscious (because it’s all too easy to bring a system to it’s knees if you end up hooking the wrong thing, or take too long in your hook procedure, etc).
What do you need this for? I would say that there might be a better way to do what you’re trying to do…