Windows API Explorer

Windows API Reference

Welcome to the Windows API Explorer. This section provides detailed information on core Windows API functions, their parameters, return values, and usage examples.

Kernel Objects

HANDLE CreateEvent(LPSECURITY_ATTRIBUTES lpEventAttributes, BOOL bManualReset, BOOL bInitialState, LPCTSTR lpName);
lpEventAttributes
Security attributes.
bManualReset
Manual-reset event or auto-reset event.
bInitialState
Initial state of the event.
lpName
Name of the event object.
Returns a handle to the event object, or NULL on failure.

Example:

HANDLE hEvent = CreateEvent(NULL, TRUE, FALSE, TEXT("MyCustomEvent"));
if (hEvent == NULL) {
    // Handle error
} else {
    // Event created successfully
    SetEvent(hEvent); // Signal the event
    CloseHandle(hEvent); // Release the handle
}

Process & Thread Management

HANDLE CreateProcess(LPCTSTR lpApplicationName, LPTSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCTSTR lpCurrentDirectory, LPSTARTUPINFO lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
lpApplicationName
Path to the executable.
lpCommandLine
Command line string.
lpProcessAttributes
Process security attributes.
lpThreadAttributes
Thread security attributes.
bInheritHandles
Handle inheritance flag.
dwCreationFlags
Creation flags.
lpEnvironment
Environment block.
lpCurrentDirectory
Current directory.
lpStartupInfo
Startup information.
lpProcessInformation
Process and thread information.
Returns TRUE on success, FALSE on failure.

Example:

STARTUPINFO si;
PROCESS_INFORMATION pi;
ZeroMemory(&si, sizeof(si));
si.cb = sizeof(si);
ZeroMemory(&pi, sizeof(pi));

if (!CreateProcess(NULL, "notepad.exe", NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi)) {
    // Handle error
} else {
    // Process created
    WaitForSingleObject(pi.hProcess, INFINITE); // Wait for process to exit
    CloseHandle(pi.hProcess);
    CloseHandle(pi.hThread);
}

Memory Management

LPVOID VirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
lpAddress
Desired starting address for allocation.
dwSize
Size of the region to allocate.
flAllocationType
Type of memory allocation.
flProtect
Memory protection flags.
Returns the starting address of the allocated region, or NULL on failure.

Example:

LPVOID mem = VirtualAlloc(NULL, 1024, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
if (mem == NULL) {
    // Handle error
} else {
    // Memory allocated
    // ... use mem ...
    VirtualFree(mem, 0, MEM_RELEASE); // Free memory
}

File I/O

HANDLE CreateFile(LPCTSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
lpFileName
Name of the file.
dwDesiredAccess
Access to the file (e.g., GENERIC_READ).
dwShareMode
Sharing mode.
lpSecurityAttributes
Security attributes.
dwCreationDisposition
How to create or open the file.
dwFlagsAndAttributes
File flags and attributes.
hTemplateFile
Template file handle.
Returns a handle to the opened file, or INVALID_HANDLE_VALUE on failure.

Example:

HANDLE hFile = CreateFile(TEXT("my_file.txt"), GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if (hFile == INVALID_HANDLE_VALUE) {
    // Handle error
} else {
    // File created/opened
    const char data[] = "Hello, Windows API!";
    DWORD bytesWritten;
    WriteFile(hFile, data, sizeof(data) - 1, &bytesWritten, NULL);
    CloseHandle(hFile);
}

Registry Operations

LONG RegCreateKeyEx(HKEY hKey, LPCTSTR lpSubKey, DWORD Reserved, LPTSTR lpClass, DWORD dwOptions, DWORD samDesired, LPSECURITY_ATTRIBUTES lpSecurityAttributes, PHKEY phkResult, LPDWORD lpDisposition);
hKey
Handle to an open key.
lpSubKey
Name of the subkey to create.
Reserved
Must be zero.
lpClass
Class type string.
dwOptions
Options for creating or opening the key.
samDesired
Access rights for the key.
lpSecurityAttributes
Security attributes.
phkResult
Pointer to receive the handle of the opened key.
lpDisposition
Information about whether the key was opened or created.
Returns ERROR_SUCCESS on success, or a non-zero error code.

Example:

HKEY hKey;
DWORD dwDisposition;
LONG res = RegCreateKeyEx(HKEY_CURRENT_USER, TEXT("Software\\MyAppData"), 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE, NULL, &hKey, &dwDisposition);
if (res == ERROR_SUCCESS) {
    // Key created/opened
    const TCHAR* valueName = TEXT("Setting1");
    const TCHAR* valueData = TEXT("SomeValue");
    RegSetValueEx(hKey, valueName, 0, REG_SZ, (const BYTE*)valueData, sizeof(TCHAR) * (_tcslen(valueData) + 1));
    RegCloseKey(hKey);
} else {
    // Handle error
}

Networking

SOCKET socket(int af, int type, int protocol);
af
Address family (e.g., AF_INET for IPv4).
type
Socket type (e.g., SOCK_STREAM for TCP).
protocol
Protocol type (e.g., IPPROTO_TCP).
Returns a descriptor for the new socket, or INVALID_SOCKET on failure.

Example:

WSADATA wsaData;
if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
    // Handle error
    return 1;
}
SOCKET sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sock == INVALID_SOCKET) {
    // Handle error
    WSACleanup();
    return 1;
}
// ... use socket ...
closesocket(sock);
WSACleanup();