Security/Windows System
Kernel API Prefix
Winduck
2020. 5. 28. 20:01
반응형
Windows Kernel API는 대부분 접두어를 가지며 이를 통하여 쉽게 함수 해석이 가능하다.
| Prefix | Kernel Component |
| Ex | general executive functions |
| Ke | general kernel functions |
| Mm | memory manager |
| Rtl | general runtime library |
| FsRtl | file system runtime library |
| Flt | file system mini-filter library |
| Ob | ojbect manager |
| Se | security |
| Ps | Process structure |
| Po | Power manager |
| Wmi | Windows management instrumentation |
| Zw | native API wrappers |
| Hal | hardware abstraction layer |
| Cm | configuration manager(registry) |
반응형