win32

package

v0.19.3 Latest Latest Go to latest Published: Jun 7, 2023 License: AGPL-3.0 Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fkie-cad/yapscan

Links

Open Source Insights

Documentation ¶

Rendered for windows/amd64

Overview ¶

Package win32 provides WinAPI functions and wrappers that are either inaccessible through golang.org/x/sys/windows or too complex to use directly.

Index ¶

Constants
func ConvertSidToStringSid(sid *windows.SID) (string, error)
func CreateRemoteThreadMinimal(process windows.Handle, startAddress uintptr) error
func GetModuleFilenameExW(process windows.Handle, module windows.Handle) (string, error)
func GetSystemTimes() (idleTicks int64, kernelTicks int64, userTicks int64, err error)
func GetTokenOwner(token windows.Token) (*windows.SID, error)
func ListThreads(pid uint32) ([]uint32, error)
func QueryFullProcessImageName(procHandle windows.Handle) (string, error)
func ReadProcessMemory(process windows.Handle, address uintptr, buffer []byte) (int, error)
func ResumeProcess(pid uint32) error
func SuspendProcess(pid uint32) error
func SuspendThread(thread windows.Handle) (uint32, error)
type MemoryBasicInformation
- func VirtualQueryEx(process windows.Handle, address uintptr) (MemoryBasicInformation, error)
type MemoryStatusEx
- func GlobalMemoryStatusEx() (*MemoryStatusEx, error)
type TokenOwner

Constants ¶

View Source

const (
	MEM_IMAGE   = 0x1000000
	MEM_MAPPED  = 0x40000
	MEM_PRIVATE = 0x20000

	MEM_COMMIT  = windows.MEM_COMMIT
	MEM_FREE    = 0x10000
	MEM_RESERVE = windows.MEM_RESERVE
)

View Source

const DwordNegativeOne uintptr = 0xffffffff

View Source

const Null uintptr = 0

Variables ¶

This section is empty.

Functions ¶

func ConvertSidToStringSid ¶

func ConvertSidToStringSid(sid *windows.SID) (string, error)

func CreateRemoteThreadMinimal ¶

func CreateRemoteThreadMinimal(process windows.Handle, startAddress uintptr) error

func GetModuleFilenameExW ¶

func GetModuleFilenameExW(process windows.Handle, module windows.Handle) (string, error)

func GetSystemTimes ¶

func GetSystemTimes() (idleTicks int64, kernelTicks int64, userTicks int64, err error)

func GetTokenOwner ¶

func GetTokenOwner(token windows.Token) (*windows.SID, error)

func ListThreads ¶

func ListThreads(pid uint32) ([]uint32, error)

func QueryFullProcessImageName ¶

func QueryFullProcessImageName(procHandle windows.Handle) (string, error)

func ReadProcessMemory ¶

func ReadProcessMemory(process windows.Handle, address uintptr, buffer []byte) (int, error)

func ResumeProcess ¶

func ResumeProcess(pid uint32) error

func SuspendProcess ¶

func SuspendProcess(pid uint32) error

func SuspendThread ¶

func SuspendThread(thread windows.Handle) (uint32, error)

Types ¶

type MemoryBasicInformation ¶

type MemoryBasicInformation struct {
	BaseAddress       uintptr
	AllocationBase    uintptr
	AllocationProtect uint32

	RegionSize uintptr
	State      uint32
	Protect    uint32
	Type       uint32
	// contains filtered or unexported fields
}

func VirtualQueryEx ¶

func VirtualQueryEx(process windows.Handle, address uintptr) (MemoryBasicInformation, error)

type MemoryStatusEx ¶

type MemoryStatusEx struct {
	Length               uint32
	MemoryLoad           uint32
	TotalPhys            uint64
	AvailPhys            uint64
	TotalPageFile        uint64
	AvailPageFile        uint64
	TotalVirtual         uint64
	AvailVirtual         uint64
	AvailExtendedVirtual uint64
}

func GlobalMemoryStatusEx ¶

func GlobalMemoryStatusEx() (*MemoryStatusEx, error)

type TokenOwner ¶

type TokenOwner struct {
	Owner *windows.SID
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL