wraith/lib.rs
1#![cfg(windows)]
2#![cfg_attr(not(feature = "std"), no_std)]
3#![deny(unsafe_op_in_unsafe_fn)]
4#![allow(clippy::missing_safety_doc)] // we document safety in SAFETY comments
5
6//! wraith-rs: Safe abstractions for Windows PEB/TEB manipulation
7//!
8//! This library provides high-level, safe APIs for interacting with Windows
9//! process internals, including:
10//!
11//! - PEB/TEB structure access with version-aware field offsets
12//! - Module enumeration and querying
13//! - Module unlinking from PEB lists
14//! - Manual PE mapping (LoadLibrary bypass)
15//! - Direct/indirect syscall invocation
16//! - Hook detection and removal
17//! - Anti-debug techniques
18//!
19//! # Feature Flags
20//!
21//! - `std` (default): Use the standard library. Disable for `no_std` environments.
22//! - `alloc`: Enable heap allocation in `no_std` mode (requires an allocator).
23
24#[cfg(all(not(feature = "std"), feature = "alloc"))]
25extern crate alloc;
26
27#[cfg(feature = "std")]
28extern crate std;
29
30pub mod arch;
31pub mod error;
32#[cfg(any(
33 feature = "manual-map",
34 feature = "syscalls",
35 feature = "spoof",
36 feature = "hooks",
37 feature = "antidebug",
38 feature = "unlink",
39 feature = "remote"
40))]
41pub mod manipulation;
42#[cfg(feature = "navigation")]
43pub mod navigation;
44pub mod structures;
45pub mod util;
46pub mod version;
47
48// re-exports for convenience
49pub use error::{Result, WraithError};
50pub use structures::{Peb, Teb};
51pub use version::{WindowsRelease, WindowsVersion};
52
53/// library version
54pub const VERSION: &str = env!("CARGO_PKG_VERSION");