Winsock Hook

IP Tools Snifer (Erwan L)

Winsock Hook

 

Here, you can hook winsock API’s for one particular process.

Everytime the process will call one the winsock API’s (send, recv, …) it will be displayed in the main windows.

 

A DLL will be injected via CreateRemoteThread.

The DLL will then hook winsock API’s and inform IP tools via SendMessage.