How Windows API Works Under the Hood
- Published 8 Apr 2024
- In this video we will follow a Python open file function call all the way to the native API of Windows.
Tools:
- windbg - winget install windbg
- Visual Studio Build Tools
- Python 3.10 IDLE
Docs used in video:
NtDoc (unofficial) - ntdoc.m417z.com/ntcreatefile
Win32 Docs (official) - learn.microsoft.com/en-us/win...
Python 3.10 docs - docs.python.org/3.10/library/...
- Science & Technology
Unbelievable, one random guy can do what the biggest SW company in the world is not able to do.
A 5-minute hands-on video about WinDbg which teaches enough to get started, including proper English, resolution and good audio quality, and without 20 minutes of BS.
You just turned hours of reading and searching on MSDN into 5 mins. Great video, sir.
Odd time to upload a video, but I’ll take it. Thanks for your work: the world needs more no-nonsense guides like this.
Your channel will BLOW UP!! What an amazing video and YouTube channel!!
Direct, simple and pragmatic... simply fantastic! From today you have a new subscriber to the channel.
Thanks for the video. Something I've been looking for (you can take it as a video suggestion) is a video comparing syscalls in Linux vs Windows, focusing on the difference between how the syscall ID and arguments are passed using registers in Linux and Windows.
Cool idea, I'll add that to my list. A video similar to this is also planned for Linux.
I like the simplicity of your videos
Underrated channel :)
another banger vid, thanks!
This is amazingly cool!!!
Plz more of things like that.... Windows internals are sooooo much harder to learn than Linux ones.
You make great videos man!
Hey Nir,
First, thanks for another great video.
Can you make more tutorials about WinDbg? Maybe focusing on blue screen debugging.
I didn't find any good examples of how to debug a blue screen, so I just reinstall Windows :(
That's a cool idea, I will add it to my list.
Fantastic! Thank you very much! 🍀
Nice video, would love to see this done on the FileSystemWatcher process.
Very cool video!! I would still happily watch it if it were 1 hour long and more detailed! Thanks.
this is awesome!
Hats off to you!
First time seeing WinDbg, and based on other comments, this shows how to actually quick-start work with it.
As a new C programmer, where could I find the documentation of the C standard library? I am using multiple sources like GeeksforGeeks, Javatpoint, etc. I would love to have one source which I can depend on. Do you know any?
I like using either the man pages, or devdocs.io
@nirlichtman I'm actually using the Windows MSVC compiler, so would that change anything?
@nirlichtman Also, could you possibly make a video on writing C code which can be run by all C compilers with proper directives? Because I heard that some features are specific to MSVC which must be disabled if the code is not compiled using cl.exe. Also, could you make a video on how to install a C compiler using VS Build Tools? I tried to install it but I can't find cl.exe nor vcvarsall.bat.
cppreference is good documentation for both C and C++.
@SaiponathGames In most cases for using the C library functions, the standard docs you can find in devdocs are sufficient. There are some specific Microsoft C library extension functions that are not part of the standard functions (for example _wsopen_s) which you can find information about on the Microsoft C/C++ library docs, for example for this function: learn.microsoft.com/en-us/cpp/c-runtime-library/reference/sopen-s-wsopen-s
wow that was really deep 😂
People complain about GDB, but I find the command names/mnemonics for WinDbg far more obtuse.
GDB uses `bt` to show a backtrace of the stack, whereas WinDbg uses `k`, for instance.
Any good "cheat sheet" suggestions for WinDbg?
Yah, I forgot to mention that a handy WinDbg command is .hh. It's like man; you can run, for example, ".hh k".
Nice video, WinDbg is so similar to gdb, or maybe better 🤔. So to summarize how it works: a user-level function calls the Windows API functions, which in turn call kernel functions that actually execute the operation (syscall). Right?
❤❤❤
Awesome!
Thanks Ach!