Course 25 - API Python Hacking | Episode 4: Structures, Process Spawning, and Undocumented Calls Titelbild

Course 25 - API Python Hacking | Episode 4: Structures, Process Spawning, and Undocumented Calls

Course 25 - API Python Hacking | Episode 4: Structures, Process Spawning, and Undocumented Calls

Jetzt kostenlos hören, ohne Abo

Details anzeigen

Über diesen Titel

 In this lesson, you’ll learn about:
  • Defining Windows Internal Structures in Python
    • Representing structures like PROCESS_INFORMATION and STARTUPINFO using ctypes.Structure
    • Mapping Windows data types (HANDLE, DWORD, LPWSTR) with the _fields_ attribute
    • Instantiating structures for API calls to configure or retrieve process information
  • Spawning System Processes
    • Using CreateProcessW from kernel32.dll
    • Setting application paths (e.g., cmd.exe) and command-line arguments
    • Managing creation flags like CREATE_NEW_CONSOLE (0x10)
    • Passing structures by reference with ctypes.byref to receive process and thread IDs
  • Accessing Undocumented APIs and Memory Casting
    • Leveraging DnsGetCacheDataTable from dnsapi.dll for reconnaissance
    • Navigating linked lists via pNext pointers in structures like DNS_CACHE_ENTRY
    • Using ctypes.cast to transform raw memory addresses into Python-readable structures
    • Extracting DNS cache information, such as record names and types, through loops and error handling
  • Key Outcome
    • Ability to build custom security tools that interact directly with Windows internals
    • Mastery of low-level API calls, memory traversal, and structure manipulation for forensic or security applications


You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
Noch keine Rezensionen vorhanden