How does the detour crate work?
We want to hook a function, so that our code gets called... but we also want the original code to execute. How the heck does that work?
00:00 Where were we
02:08 Disassembling for fun and profit
05:47 Double buffering, for some reason
07:25 Why detouring isn't trivial
08:56 Control flow in assembly
10:04 Registers and the AMD64 ABI
11:18 Functions and how to call them
13:14 The JMP instruction
14:01 Simple obfuscation techniques
15:13 How it all works
17:53 Homework assignment
Another random video
You can watch more videos over there