Библиотека для работы с Win32 в C#


Feb 3, 2020
Reaction score
Хотел бы посоветовать обертку для работы с Win32 api, она покрывает основные кейсы, которые ,скорее всего, понадобятся вам (огромный список того, с чем она работает ).
  • Process interactions
  • Check if the process is debugged​
  • Gather information of the process​
  • Interact with the PEB (Process Environment Block)​
  • Memory interactions
  • Allocate and free a chunk of memory​
  • Change the protection of allocated regions​
  • Get an absolute/relative address from a pointer​
  • Query the memory allocated​
  • Read and write primitive and complex data types​
  • Module interactions
  • Enumerate all modules loaded​
  • Find functions inside a module​
  • Get the main module​
  • Inject and eject modules​
  • Thread interactions
  • Create and terminate threads​
  • Get the exit code of terminated threads​
  • Get the main thread​
  • Get the segments addresses​
  • Get threads by identifier​
  • Interact with the TEB (Thread Environment Block)​
  • Join threads​
  • Manage the context of threads​
  • Query the state of threads​
  • Suspend and resume threads​
  • Window interactions
  • Enumerate the windows of the process​
  • Enumerate the child windows of the process​
  • Enumerate the child windows of another window​
  • Flash the window (once or repeatedly)​
  • Get a window by its class name​
  • Get a window by its title (or a part of its title)​
  • Get the attached thread of a window​
  • Get the main window​
  • Interact with the keyboard with a window (press and release keys, write texts) without activate it​
  • Interact with the mouse with the window (clicks, movement)​
  • Post and send message​
  • Query the class name​
  • Query and modify the title​
  • Query and modify the size (height, width) and the position (X, Y)​
  • Assembly interactions
  • Assemble mnemonics​
  • Embed FASM compiler (https://github.com/ZenLulz/Fasm.NET)​
  • Execute remote codes (such as functions) with/without parameter(s) synchronously and asynchronously​
  • Inject mnemonics​
  • Support several calling conventions​
  • Data types manipulations
  • Extract useful information from data types​
  • Convert a byte array to a managed object​
  • Convert a managed object to a byte array​
  • Convert a pointer to a managed object​
  • Store data in the remote process in safe (collected when unused)​
  • Helpers available
  • ApplicationFinder: Find the right process to interact​
  • HandleManipulator: Convert an handle to a process or a thread​
  • Generic singleton: Implement a singleton on any of your class​
  • Randomizer: Generate random numbers, strings and Guid​
  • SerializationHelper: Serialize and deserialize managed object into XML​

Отличная документация и везде есть примеры.