Microsoft Detours
Microsoft Detours is an open source library for intercepting, monitoring and instrumenting binary functions on Microsoft Windows.[1] It is developed by Microsoft and is most commonly used to intercept Win32 API calls within Windows applications. Detours makes it possible to add debugging instrumentation and to attach arbitrary DLLs to any existing Win32 binary. Detours does not require other software frameworks as a dependency and works on ARM, x86, x64, and IA-64 systems.[2] The interception code is applied dynamically at execution time.
Original author(s) | Microsoft Research |
---|---|
Developer(s) | Microsoft |
Initial release | January 16, 2002 |
Stable release | 4.0.1
/ April 16, 2018 |
Repository | Detours on GitHub |
Written in | C++ |
Operating system | Microsoft Windows |
Type | Software library |
License | MIT License |
Website | Official website |
Detours is used by product teams at Microsoft and has also been used by ISVs.[1][3][4]
Prior to 2016, Detours was available in a free version limited for non-commercial and 32 bit only use and a paid version for commercial use.[5] Since 2016, the source code is licensed under MIT License and available on GitHub.[1]
References
- "Microsoft Research Detours Package". microsoft/Detours. January 16, 2021 – via GitHub.
- "Detours: Binary Interception of Win32 Functions" (PDF). cs.columbia.edu.
- "MS Detours: Ongoing vigilance keeps customers on the right track". September 10, 2013.
- "Service and Support". support.sophos.com.
- "Detours". Microsoft.com.
Further reading
- Hunt, Galen; Brubacher, Doug (1997). "Detours: Binary Interception of Win32 Functions" (PDF). Third USENIX Windows NT Symposium.