{"id":13642835,"url":"https://github.com/ergrelet/windiff","last_synced_at":"2025-05-16T13:08:04.908Z","repository":{"id":170351056,"uuid":"637578161","full_name":"ergrelet/windiff","owner":"ergrelet","description":"Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.","archived":false,"fork":false,"pushed_at":"2025-04-22T08:33:17.000Z","size":1028,"stargazers_count":338,"open_issues_count":3,"forks_count":18,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-04-22T09:44:34.617Z","etag":null,"topics":["diff","insider","nextjs","ntoskrnl","pdb","portable-executable","preview","reverse-engineering","rust","syscalls","undocumented","web","win32","windows"],"latest_commit_sha":null,"homepage":"https://windiff.vercel.app","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ergrelet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-05-08T00:53:12.000Z","updated_at":"2025-04-22T08:33:21.000Z","dependencies_parsed_at":"2023-10-26T09:30:40.221Z","dependency_job_id":"f7829e1b-4ac6-4ba9-a4c1-0d1ea851cae0","html_url":"https://github.com/ergrelet/windiff","commit_stats":null,"previous_names":["ergrelet/windiff"],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ergrelet%2Fwindiff","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ergrelet%2Fwindiff/tags","releases_url":"https://repos.ecosys
te.ms/api/v1/hosts/GitHub/repositories/ergrelet%2Fwindiff/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ergrelet%2Fwindiff/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ergrelet","download_url":"https://codeload.github.com/ergrelet/windiff/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254535829,"owners_count":22087399,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["diff","insider","nextjs","ntoskrnl","pdb","portable-executable","preview","reverse-engineering","rust","syscalls","undocumented","web","win32","windows"],"created_at":"2024-08-02T01:01:36.943Z","updated_at":"2025-05-16T13:08:04.885Z","avatar_url":"https://github.com/ergrelet.png","language":"Rust","readme":"# WinDiff\n\n## About\n\nWinDiff is an open-source web-based tool that allows browsing and comparing\nsymbol, type and syscall information of Microsoft Windows binaries across\ndifferent versions of the operating system. 
The binary database is automatically\nupdated to include information from the latest Windows updates (including\nInsider Preview).\n\nIt was inspired by [ntdiff](https://github.com/ntdiff/ntdiff) and made possible\nwith the help of [Winbindex](https://github.com/m417z/winbindex).\n\n## Screenshot\n\n\u003cimg src=\"./docs/static/windiff_screenshot.png\" alt=\"Screenshot of WinDiff\"\u003e\n\n## How It Works\n\nWinDiff is made of two parts: a CLI tool written in Rust and a web frontend\nwritten in TypeScript using the Next.js framework.\n\nThe CLI tool is used to generate compressed JSON databases out of a\nconfiguration file and relies on `Winbindex` to find and download the required\nPEs (and PDBs). Types are reconstructed using `resym`. The idea behind the CLI\ntool is to be able to easily update and regenerate databases as new versions of\nWindows are released. The CLI tool's code is in the `windiff_cli` directory.\n\nThe frontend is used to visualize the data generated by the CLI tool in a\nuser-friendly way. The frontend follows the same principle as `ntdiff`, as it\nallows browsing information extracted from official Microsoft PEs and PDBs for\ncertain versions of Microsoft Windows and also allows comparing this information\nbetween versions. The frontend's code is in the `windiff_frontend` directory.\n\nA scheduled GitHub action fetches new updates from `Winbindex` every day and\nupdates the configuration file used to generate the live version of WinDiff.\nCurrently, because of storage and compute limitations on free plans, **only KB**\n**and Insider Preview updates less than one year old are kept** for the live\nversion. You can of course rebuild a local version of WinDiff yourself, without\nthose limitations, if you need to. See the next section for that.\n\nNote: `Winbindex` doesn't provide unique download links for 100% of the indexed\nfiles, so information for some PEs might be unavailable in WinDiff\nbecause of that. 
However, as soon as these PEs are on VirusTotal, `Winbindex`\nwill be able to provide unique download links for them and they will then be\nintegrated into WinDiff automatically.\n\n## How to Build\n\n### Prerequisites\n\n- Rust 1.68 or later\n- Node.js 16.8 or later\n\n### Command-Line\n\nThe full build of WinDiff is \"self-documented\" in `ci/build_frontend.sh`, which\nis the build script used to build the live version of WinDiff. Here's what's inside:\n\n```bash\n# Resolve the project's root folder\nPROJECT_ROOT=$(git rev-parse --show-toplevel)\n\n# Generate databases\ncd \"$PROJECT_ROOT/windiff_cli\"\ncargo run --release \"$PROJECT_ROOT/ci/db_configuration.json\" \"$PROJECT_ROOT/windiff_frontend/public/\"\n\n# Build the frontend\ncd \"$PROJECT_ROOT/windiff_frontend\"\nnpm ci\nnpm run build\n```\n\nThe configuration file used to generate the data for the live version of WinDiff\nis located here: `ci/db_configuration.json`, but you can customize it or use\nyour own. PRs aimed at adding new binaries to track in the live configuration\nare welcome.\n","funding_links":[],"categories":["Rust"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fergrelet%2Fwindiff","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fergrelet%2Fwindiff","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fergrelet%2Fwindiff/lists"}