WinAPIOverride :
  - New hooking way
       No stack pointer change (no stack hooking algorithm)
       No base pointer change (allow to hook functions compiled with /Oy optimization)
       Exceptions are not catch and rethrown but just spied, and exception registers are logged
       Call analysis doesn't require the "try to retrieve call stack" option
...

This software allows you to monitor and/or override any function of a process.
This can be done for API functions, executable internal functions COM or ActiveX methods.

WinAPIOverride is more than a standard API monitoring software.
It can break targeted application before or after a function call, allowing memory or registers changes; and it can directly call functions of the targeted application.

These features allows to fill the gap between classical API monitoring softwares and debuggers.

Main differences between over API hooker :
  - You can define filters on parameters or function result
  - You can define filters on dll to discard calls from windows system dll
  - You can hook functions inside the target process not only API
  - You can hook asm functions with parameters passed through registers
  - Pre and Post API call hooking chain (you can install multiple hooks for the same function)
  - Monitor hardware and software exceptions
  - COM / ActiveX hooking support
  - Double and float results are logged
  - You can easily override any API, any process internal function, any COM or ActiveX method
  - You can break process before or/and after function call to change memory or registers
  - You can call functions which are inside the remote processes
  - All is is done like modules : you can log or override independently for any function

TracePlus®/Win32 provides information on application usage of the Win32, ODBC, and DB-Library APIs. It traces 25 categories of API functions, comprising nearly 1200 API calls.

Using its unique visual realtime display of Win32 activity, you can spot timing-sensitive API issues, view error codes for failed Win32 functions, reverse engineer other Win32 applications without source code, locate DLLs loaded by an application, and discover what registry keys are used by an application.

Detours is a library for instrumenting arbitrary Win32 functions on x86 machines. Detours intercepts Win32 functions by re-writing target function images. The Detours package also contains utilities to attach arbitrary DLLs and data segments (called payloads) to any Win32 binary.

You can monitor all imported API of any process. Without problems works on Win XP. Framework v2 needed

Hoko (Esperanto for 'hook') is a library that easily could be used to set up a system wide API hook and take them down again at any time on Windows 9x/ME/NT/2k/XP. Your handler, which must be coded in the DELTA code method, is always executed if any process calls the target API. Newly created processes and newly loaded modules are patched before its actual entry point is reached. Your handler is able to modify the API arguments, the registers from the time of the call and the return value of the API call. The user API hook handler could also call the original API itself and addtionally receives some information as e.g. process/thread id, etc.

ApiHooks allows developers to watch intermodule communications. Suitable for file monitors, registry monitors, dumpers, antiviruses and unpackers.

API Monitor is a software that monitors and displays API calls made by applications. Its a powerful tool for seeing how Windows and other applications work or tracking down problems that you have in your own applications. The current version include Filters to monitor the following API Categories. A complete list of API categories and API's is available here.

APIS32 ( API Spy ) - is the best tool for examine Windows API functions used by 32 bit Windows applications. It allows to examine any known API function`s calls that are resolved during the program load time and are given by APIS32. APIS32 will work with Windows95/98/ME and Windows NT/2000/XP applications which will be executed on the any Win32 platforms.

API-Log shows you how often a API is called by the selected process! Furthermore it provides you the EIP of the call!

Features

• All known spy softwares work as debuggers - kerberos does not run the target as debugger
• You can hook other than WinAPI functions
• Plugin support that gives unlimited control of functions