I have been meaning to make a post like this forever as I feel it is imperative that you learn how to interact with the Windows API to get past the typical “Metasploit Pentester” plateau and take your knowledge and understanding to the next level. Not only is it important to augment your understanding of what is happening under the hood, but also to give you a little more imagination and to expand the boundaries of your toolmaking ventures!
Also, I want to point out that this is not meant to be either an exhaustive or an advanced walkthrough, it is only meant to get people started and providing them the tools to get started with interaction with the Windows API. So without further ado…
First thing you need to know, is that we will be using the amazing “ctypes” module within python to do all of our interactions, so be sure to start all of your code off with this: