Learn

This page collects the topics that I want to cover in more detail and that are better expanded on outside a standard report.

These pages often include reproducible Go code that you can build and test on a Windows machine to demonstrate in detail how some techniques implemented by malware authors work.

Introduction to Windows API

An intro to the Windows API: naming, behaviour and calling conventions in C and ASM.

Updated 23 January 2026

Mutex

Learn how malware uses Mutexes.

Updated 23 January 2026

Load Resources

Learn how malware loads embedded resources.

Updated 22 January 2026

Process Enumeration

Section exploring how malware attempts to enumerate running processes on a Windows machine.

Updated 23 November 2025

Load Library

Load a library indirectly to improve evasion and anti-analysis.

Updated 22 November 2025