<div>
<div class="content wysiwyg-content">
My question might be easier to understand if I give some background information.<br />
<br />
I made a nice writeprocessmemory, and readprocessmemory hook in a dll and a program to log the function calls of a selected process. Works fine for some programs, but not for others. So I thought, why not take the program you want to log, run it suspended, and change the import table of the selected functions to point to your code. <br />
<br />
Any hints/tips/code would be appreciated. =) 
</div>
</div>


My question might be easier to understand if I give some background information.

I made a nice writeprocessmemory, and readprocessmemory hook in a dll and a program to log the function calls of a selected process. Works fine for some programs, but not for others. So I thought, why not take the program you want to log, run it suspended, and change the import table of the selected functions to point to your code. 

Any hints/tips/code would be appreciated. =) 

Editing IAT/Import Table on the fly.

Delphi is the most powerful Object Pascal IDE and component library for cross-platform Native App Development with flexible Cloud services and broad IoT connectivity. It provides powerful VCL controls for Windows 10 and enables FMX development for Windows, Mac and Mobile. Delphi is your choice for ultrafast Enterprise Strong Development™. Look for increased memory for large projects, extended multi-monitor support, improved Object Inspector and much more. Delphi is 5x faster for development and deployment across multiple desktop, mobile, cloud and database platforms including 32-bit and 64-bit Windows 10.

Delphi

Pascal is an influential imperative and procedural programming language, largely (but not exclusively) intended to teach students structured programming and data structuring. Pasca was implemented on a wide range of architectures, from early PCs to mainframes. Pascal derivatives include OOP-based Object Pascal (used in Delphi and Lazarus/Free Pascal). Pascal is a purely procedural language and includes control statements with reserved words, but has many data structuring facilities and other abstractions like type definitions, records, pointers, enumerations, and sets.