hi people,

i found a library called detours from microsoft web site (http://research.microsoft.com/sn/detours/). it is a library for hooking api. i checked out the samples it encloses, it can embed a piece of dll program which contain the "hook" function to an EXE at runtime.

and then, it uses GetCurrentThread() function to get the current thread and inject the hook function.

to hook the function, the dll's source looks like this:

DetourTransactionBegin();
//get current thread
DetourUpdateThread(GetCurrentThread());
//actually attach the hoop function to the current thread
DetourAttach(&(PVOID&) hookpointer , originalpointer );
DetourTransactionCommit();

but i don't want to write the hook function in a dll, i want to implement the whole thing in an EXE, so that i can fully control the hook function with the outside EXE.

i don't know how to get a thread of another process. is there any winapi to replace the GetCurrentThread()?

why hook api programes like the detours samples are always written as DLLs? can i just write it in an EXE and control the hook function's behavior during the target applictation's runtime?