README: add python binding instructions

commial · commial · commit 1b6df05e6108 · 2022-03-21T11:29:08.000+01:00
diff --git a/README.md b/README.md
@@ -10,6 +10,7 @@ Bindings (PoC) for [Microsoft WinDBG Time Travel Debugging (TTD)](https://docs.m
 * `example_api/` highlights some of the wrapping
 * `example_diff/` shows how to use the wrapping to perform naive trace diffing
 * `example_calltree/` produces a call tree of a trace excerpt
+* `python-bindings/` provides Python bindings over TTD
 
 After performing one or several traces using Windbg Preview, one can open the `.run` file:
 ```C++
@@ -275,8 +276,50 @@ ModuleList:
 ...
 ```
 
+## Python
+
+### Setup
+
+Either:
+
+* use the latest `pyTTD.pyd` [release](https://github.com/commial/ttd-bindings/releases/latest)
+* or compile the `python-bindings` project.
+
+### Usage
+
+With `pyTTD.pyd`, `TTDReplay.dll` and `TTDReplayCPU.dll` in the directory, one can import `pyTTD`:
+
+```python
+import pyTTD
+
+# Open the trace
+eng = pyTTD.ReplayEngine()
+eng.initialize("D:\\traces\\trace.run")
+
+# Get positions
+first = eng.get_first_position()
+last = eng.get_last_position()
+print(f"Trace from {first} to {last}")
+
+# Get a cursor
+cursor = eng.new_cursor()
+cursor.set_position(first)
+
+# Retrieve PC
+print(f"PC: {cursor.get_program_counter():x}")
+
+# Print RCX
+ctxt = cursor.get_crossplatform_context()
+print("RCX: %x" % ctxt.rcx)
+
+# Read the memory at RCX on 16 bytes
+print("@128[RCX]: %s" % cursor.read_mem(ctxt.rcx, 16))
+```
+
+More API example are available in `example_api/example_api.py`.
+
 ## References
 
 * [MSDN - Time Travel Debugging - Overview](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/time-travel-debugging-overview)
 * [TTD analysis](https://www.synacktiv.com/ressources/rumpinrennes-ttd.pdf)  by @w4kfu at Rump'in Rennes 2019
-* [Initial iDNA paper](https://www.usenix.org/legacy/events/vee06/full_papers/p154-bhansali.pdf) : S. Bhansali, W.-K. Chen, S. de Jong, A. Edwards, R. Murray, M. Drinic, D. Mihocka, and J. Chau. Framework for "Instruction-level tracing and analysis of program executions" in VEE, 2006.
+* [Initial iDNA paper](https://www.usenix.org/legacy/events/vee06/full_papers/p154-bhansali.pdf) : S. Bhansali, W.-K. Chen, S. de Jong, A. Edwards, R. Murray, M. Drinic, D. Mihocka, and J. Chau. Framework for "Instruction-level tracing and analysis of program executions" in VEE, 2006.
