Skip to content

saferwall/winsdk2json

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits

.vscode

.vscode

 
 

assets

assets

 
 

cmd

cmd

 
 

internal

internal

 
 

phnt @ 7c1adb8

phnt @ 7c1adb8

 
 

sdk-api @ 0398db6

sdk-api @ 0398db6

 
 

tests

tests

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

cli.go

cli.go

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

Repository files navigation

winsdk2json

sdk2json is a go package that parses the Windows SDK (function prototypes, structures, unions) to a friendlier format like JSON. The purpose of this tool was initially for the API hooking module (of saferwall sandbox) to allow an implementation of a generic hook handler that does not require knowledge of specific API prototype to know how to log them.

winsdk2json relies on a C compiler frontend for parsing the C headers and convert them to a higher level objects. Those objects can be serialized formats like JSON or YAML.

Here is an example:

{
 "advapi32.dll": {
  "ControlService": {
   "callconv": "WINAPI",
   "name": "ControlService",
   "retVal": "BOOL",
   "params": [
    {
     "anno": "_In_",
     "type": "SC_HANDLE",
     "name": "hService"
    },
    {
     "anno": "_In_",
     "type": "DWORD",
     "name": "dwControl"
    },
    {
     "anno": "_Out_",
     "type": "LPSERVICE_STATUS",
     "name": "lpServiceStatus"
    }
   ]
  },

Usage

You can download the JSON files that contains all the definitions of the Win32 APIs in the releases page. If however, you intend to generate those definitions on another custom that fits your needs, please follow the instructions below:

Clone the repo:

git clone https://github.com/saferwall/winsdk2json.git
cd winsdk2json
git submodule init
git submodule update

Build & run"

go build cli.go
.\cli.exe -h

WinSdk2JSON - a tool to parse the Windows Win32 SDK into JSON format.
For more details see the github repo at https://github.com/saferwall/winsdk2json

Usage:
  winsdk2json [flags]
  winsdk2json [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  parse       Walk through the Windows SDK and parse the Win32 headers
  version     Version number

Flags:
  -h, --help   help for winsdk2json

This package tries to stay up to date with the latest Windows SDK, they are copied into the winsdk/ folder. However, feel free to use an SDK version that is not included in this repo. The parse command takes a i argument that points to the Windows SDK headers. For example: C:\\Program Files (x86)\\Windows Kits\\10\\Include\\10.0.19041.0\\.

Lessons Learned

  • SAL annotations
  • Some Windows APIs does not have a ANSI alternative: i.e OpenMutexW
  • API like CreateToolhelp32Snapshot does not have annotations.

References

About

Win32 APIs SDK parsed to JSON

saferwall.com

Topics

windows-sdk win32

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

6 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 3

v0.1.0 Latest
Sep 5, 2023
+ 2 releases

Packages

No packages published

Languages