skip to main |
skip to sidebar
Windows
- kernel32.dll, advapi32.dll: to provide Windows APIs
- ntdll.dll: to switch from user mode to kernel mode
- ntoskrnl.exe and drivers: major part of Windows OS
- hal.dll: hardware abstraction layer
Ntoskrnl.exe and drivers
Executive
- system services: NTXXX, ZWXXX
- executive support routines: ExXXX
- executive components and relevant services
Executive components and relevant services
- Object manager: ObXXX
- Configuration manager: CmXXX
- Process and thread manager: PsXXX
- Memory manager: MmXXX
- IO manager: IoXXX
- P&P manager: PpXXX
- Power manager: PoXXX
- Cache manager: CcXXX
- Security reference monitor: SeXXX
Drivers
- ntfs.sys
- volmgr.sys
- ndis.sys
- …
No comments:
Post a Comment