Please add ability to filter executable names

[shodanx2]

The ability to only show hook message events to one specific application would greatly improve the usefulness of this software

Also millisecond precision timestamps on each message entry would make browsing through the large mass of messages easier !

thanks !

I still managed to find what I needed!

[learn-more]

Thanks for the suggestion, I'll look into it.

[learn-more]

@shodanx2 I have added an CSV export to the results window: https://github.com/learn-more/WindowsHookEx/releases/tag/0.8.0
This does not allow filtering inside the WindowsHookEx view (which requires a rewrite of some parts).

Hopefully this helps you when analyzing data.

[shodanx2]

Yes that certainly is going to help.

I was trying to capture WM_PAINT message for the cmd.exe/conhost.exe console, unfortunately it seems to be impossible to do in a managed languages like vba/vbs/vbnet/c#/powershell

[learn-more]

Yes that certainly is going to help.

I was trying to capture WM_PAINT message for the cmd.exe/conhost.exe console, unfortunately it seems to be impossible to do in a managed languages like vba/vbs/vbnet/c#/powershell

If that can be done in a native language, then it can be done in a managed language.

I will keep this ticket open until I have at least added better timestamps, I have not decided yet if I want to implement filtering in the application itself.