Frida Game Hacking MCP

Overview Schema Related Servers Score Discussions

intercept_module_function

Hook exported functions in game modules to intercept and modify execution flow using custom JavaScript code for game hacking and reverse engineering.

Instructions

Hook a function by module and function name.

Args:
    module_name: Name of the module (e.g., "game.dll")
    function_name: Name of the exported function
    on_enter: JavaScript for onEnter
    on_leave: JavaScript for onLeave

Returns:
    Hook status with resolved address.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`module_name`	Yes
`function_name`	Yes
`on_enter`	No
`on_leave`	No

Output Schema

TableJSON Schema

Name	Required	Description	Default
`result`	Yes

Implementation Reference

src/frida_game_hacking_mcp/server.py:1662-1683 (handler)

The handler implementation for the 'intercept_module_function' MCP tool. This function resolves the target function's address using the 'resolve_symbol' tool and then hooks it by calling the 'hook_function' tool.

@mcp.tool()
def intercept_module_function(module_name: str, function_name: str,
                              on_enter: str = "", on_leave: str = "") -> Dict[str, Any]:
    """
    Hook a function by module and function name.
    
    Args:
        module_name: Name of the module (e.g., "game.dll")
        function_name: Name of the exported function
        on_enter: JavaScript for onEnter
        on_leave: JavaScript for onLeave
    
    Returns:
        Hook status with resolved address.
    """
    result = resolve_symbol(module_name, function_name)
    if "error" in result:
        return result
    
    return hook_function(result["address"], on_enter, on_leave,
                        f"{module_name}!{function_name}")

src/frida_game_hacking_mcp/server.py:1454-1494 (helper)

Helper tool 'resolve_symbol' used by 'intercept_module_function' to find the address of the exported function in the specified module using Frida's Module.findExportByName.

def resolve_symbol(module_name: str, symbol_name: str) -> Dict[str, Any]:
    """
    Resolve a symbol to its address.
    
    Args:
        module_name: Name of the module containing the symbol
        symbol_name: Name of the symbol/function
    
    Returns:
        Address of the symbol.
    """
    global _session
    
    if not _session.is_attached():
        return {"error": "Not attached. Use attach() first."}
    
    try:
        script_code = f"""
        var addr = Module.findExportByName("{module_name}", "{symbol_name}");
        send(JSON.stringify(addr ? {{address: addr.toString()}} : {{error: "Symbol not found"}}));
        """
        
        result_data = []
        def on_message(message, data):
            if message['type'] == 'send':
                result_data.append(message['payload'])
        
        script = _session.session.create_script(script_code)
        script.on('message', on_message)
        script.load()
        script.unload()
        
        import json
        result = json.loads(result_data[0]) if result_data else {"error": "No response"}
        result["module"] = module_name
        result["symbol"] = symbol_name
        return result
    
    except Exception as e:
        return {"error": f"Failed to resolve symbol: {str(e)}"}

src/frida_game_hacking_mcp/server.py:1500-1555 (helper)

Core helper 'hook_function' that actually installs the Frida Interceptor hook at the given address with provided onEnter/onLeave JavaScript callbacks. Called by 'intercept_module_function' after address resolution.

@mcp.tool()
def hook_function(address: str, on_enter: str = "", on_leave: str = "",
                  description: str = "") -> Dict[str, Any]:
    """
    Hook a function at the specified address.
    
    Args:
        address: Address to hook (hex string)
        on_enter: JavaScript code for onEnter (has access to 'args' array)
        on_leave: JavaScript code for onLeave (has access to 'retval')
        description: Optional description
    
    Returns:
        Hook status.
    """
    global _session
    
    if not _session.is_attached():
        return {"error": "Not attached. Use attach() first."}
    
    if address in _session.hooks:
        return {"error": f"Hook exists at {address}. Use unhook_function() first."}
    
    try:
        addr = int(address, 16) if address.startswith("0x") else int(address)
        
        # Use empty statement if no code provided (comment would break JS syntax)
        on_enter_code = on_enter.strip() if on_enter else ""
        on_leave_code = on_leave.strip() if on_leave else ""
        
        script_code = f"""
        Interceptor.attach(ptr("{hex(addr)}"), {{
            onEnter: function(args) {{ {on_enter_code} }},
            onLeave: function(retval) {{ {on_leave_code} }}
        }});
        send("Hook installed");
        """
        
        def on_message(message, data):
            if message['type'] == 'error':
                logger.error(f"Hook error: {message}")
        
        script = _session.session.create_script(script_code)
        script.on('message', on_message)
        script.load()
        
        _session.hooks[address] = HookInfo(
            address=address, script=script, hook_type="intercept",
            description=description or f"Hook at {address}"
        )
        
        return {"success": True, "address": address, "message": f"Hook installed at {address}"}
    
    except Exception as e:
        return {"error": f"Failed to install hook: {str(e)}"}

Tool Definition Quality

C2.9/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It mentions 'Hook a function' and returns 'Hook status with resolved address,' implying a mutation operation, but doesn't disclose critical behavioral traits like whether this requires elevated permissions, if it's destructive to process stability, potential side effects (e.g., crashes), rate limits, or error handling. The description is minimal and lacks necessary context for safe use.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded, starting with the core purpose. The 'Args' and 'Returns' sections are structured for clarity, but the 'Returns' section could be more detailed. Every sentence adds value, though it could be slightly more concise by integrating the parameter list more seamlessly.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (function hooking with JavaScript callbacks), no annotations, and an output schema (implied by 'Returns'), the description is moderately complete. It covers the basic purpose and parameters but lacks critical behavioral details (e.g., safety, permissions) and doesn't fully leverage the output schema to explain return values in depth, leaving room for improvement in context.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 0%, so the description must compensate. It lists all four parameters with brief examples (e.g., 'game.dll') and clarifies that 'on_enter' and 'on_leave' are JavaScript, adding meaning beyond the schema's generic titles. However, it doesn't explain parameter constraints, such as valid module formats or JavaScript execution context, leaving gaps in understanding.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Hook a function by module and function name.' It specifies the verb ('hook') and resource ('function'), and distinguishes it from siblings like 'hook_function' and 'hook_native_function' by specifying 'by module and function name.' However, it doesn't fully differentiate from 'replace_function' which might have overlapping functionality.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives like 'hook_function' or 'replace_function.' It lacks context about prerequisites, such as whether the module must be loaded or the process attached, and doesn't mention any exclusions or specific scenarios where this tool is preferred.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/0xhackerfren/frida-game-hacking-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server