这篇博客详细介绍了Windows NT内核中的API函数,包括系统调用、内存管理、进程线程操作、文件系统控制等多个方面。内容涵盖从基本的文件读写到复杂的系统级操作,如设置调试过滤器状态、控制电源管理和执行自动调试等。通过这些API,开发者可以深入了解Windows NT内核的工作原理并进行底层系统编程。
__isascii
__iscsym
__iscsymf
__toascii
_alldiv
_alldvrm
_allmul
_alloca_probe
_allrem
_allshl
_allshr
_atoi64
_aulldiv
_aulldvrm
_aullrem
_aullshr
_chkstk
_CIcos
_CIlog
_CIpow
_CIsin
_CIsqrt
_fltused
_ftol
_i64toa
_i64tow
_itoa
_itow
_lfind
_ltoa
_ltow
_memccpy
_memicmp
_snprintf
_snwprintf
_splitpath
_strcmpi
_stricmp
_strlwr
_strnicmp
_strupr
_tolower
_toupper
_ui64toa
_ui64tow
_ultoa
_ultow
_vscwprintf
_vsnprintf
_vsnwprintf
_wcsicmp
_wcslwr
_wcsnicmp
_wcstoui64
_wcsupr
_wtoi
_wtoi64
_wtol
abs
atan
atoi
atol
bsearch
ceil
cos
CsrAllocateCaptureBuffer
CsrAllocateMessagePointer
CsrCaptureMessageBuffer
CsrCaptureMessageMultiUnicodeStringsInPlace
CsrCaptureMessageString
CsrCaptureTimeout
CsrClientCallServer
CsrClientConnectToServer
CsrFreeCaptureBuffer
CsrGetProcessId
CsrIdentifyAlertableThread
CsrNewThread
CsrProbeForRead
CsrProbeForWrite
CsrSetPriorityClass
DbgBreakPoint
DbgPrint
DbgPrintEx
DbgPrintReturnControlC
DbgPrompt
DbgQueryDebugFilterState
DbgSetDebugFilterState
DbgUiConnectToDbg
DbgUiContinue
DbgUiConvertStateChangeStructure
DbgUiDebugActiveProcess
DbgUiGetThreadDebugObject
DbgUiIssueRemoteBreakin
DbgUiRemoteBreakin
DbgUiSetThreadDebugObject
DbgUiStopDebugging
DbgUiWaitStateChange
DbgUserBreakPoint
EtwControlTraceA
EtwControlTraceW
EtwCreateTraceInstanceId
EtwEnableTrace
EtwEnumerateTraceGuids
EtwFlushTraceA
EtwFlushTraceW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwNotificationRegistrationA
EtwNotificationRegistrationW
EtwpGetTraceBuffer
EtwpSetHWConfigFunction
EtwQueryAllTracesA
EtwQueryAllTracesW
EtwQueryTraceA
EtwQueryTraceW
EtwReceiveNotificationsA
EtwReceiveNotificationsW
EtwRegisterTraceGuidsA
EtwRegisterTraceGuidsW
EtwStartTraceA
EtwStartTraceW
EtwStopTraceA
EtwStopTraceW
EtwTraceEvent
EtwTraceEventInstance
EtwTraceMessage
EtwTraceMessageVa
EtwUnregisterTraceGuids
EtwUpdateTraceA
EtwUpdateTraceW
ExpInterlockedPopEntrySListEnd
ExpInterlockedPopEntrySListFault
ExpInterlockedPopEntrySListResume
fabs
floor
isalnum
isalpha
iscntrl
isdigit
isgraph
islower
isprint
ispunct
isspace
isupper
iswalpha
iswctype
iswdigit
iswlower
iswspace
iswxdigit
isxdigit
KiFastSystemCall
KiFastSystemCallRet
KiIntSystemCall
KiRaiseUserExceptionDispatcher
KiUserApcDispatcher
KiUserCallbackDispatcher
KiUserExceptionDispatcher
labs
LdrAccessOutOfProcessResource
LdrAccessResource
LdrAddRefDll
LdrAlternateResourcesEnabled
LdrCreateOutOfProcessImage
LdrDestroyOutOfProcessImage
LdrDisableThreadCalloutsForDll
LdrEnumerateLoadedModules
LdrEnumResources
LdrFindCreateProcessManifest
LdrFindEntryForAddress
LdrFindResource_U
LdrFindResourceDirectory_U
LdrFindResourceEx_U
LdrFlushAlternateResourceModules
LdrGetDllHandle
LdrGetDllHandleEx
LdrGetProcedureAddress
LdrHotPatchRoutine
LdrInitializeThunk
LdrInitShimEngineDynamic
LdrLoadAlternateResourceModule
LdrLoadDll
LdrLockLoaderLock
LdrOpenImageFileOptionsKey
LdrProcessRelocationBlock
LdrQueryImageFileExecutionOptions
LdrQueryImageFileExecutionOptionsEx
LdrQueryImageFileKeyOption
LdrQueryProcessModuleInformation
LdrSetAppCompatDllRedirectionCallback
LdrSetDllManifestProber
LdrShutdownProcess
LdrShutdownThread
LdrUnloadAlternateResourceModule
LdrUnloadDll
LdrUnlockLoaderLock
LdrVerifyImageMatchesChecksum
log
mbstowcs
memchr
memcmp
memcpy
memmove
memset
NlsAnsiCodePage
NlsMbCodePageTag
NlsMbOemCodePageTag
NtAcceptConnectPort
NtAccessCheck
NtAccessCheckAndAuditAlarm
NtAccessCheckByType
NtAccessCheckByTypeAndAuditAlarm
NtAccessCheckByTypeResultList
NtAccessCheckByTypeResultListAndAuditAlarm
NtAccessCheckByTypeResultListAndAuditAlarmByHandle
NtAddAtom
NtAddBootEntry
NtAddDriverEntry
NtAdjustGroupsToken
NtAdjustPrivilegesToken
NtAlertResumeThread
NtAlertThread
NtAllocateLocallyUniqueId
NtAllocateUserPhysicalPages
NtAllocateUuids
NtAllocateVirtualMemory
NtApphelpCacheControl
NtAreMappedFilesTheSame
NtAssignProcessToJobObject
NtCallbackReturn
NtCancelDeviceWakeupRequest
NtCancelIoFile
NtCancelTimer
NtClearEvent
NtClose
NtCloseObjectAuditAlarm
NtCompactKeys
NtCompareTokens
NtCompleteConnectPort
NtCompressKey
NtConnectPort
NtContinue
NtCreateDebugObject
NtCreateDirectoryObject
NtCreateEvent
NtCreateEventPair
NtCreateFile
NtCreateIoCompletion
NtCreateJobObject
NtCreateJobSet
NtCreateKey
NtCreateKeyedEvent
NtCreateMailslotFile
NtCreateMutant
NtCreateNamedPipeFile
NtCreatePagingFile
NtCreatePort
NtCreateProcess
NtCreateProcessEx
NtCreateProfile
NtCreateSection
NtCreateSemaphore
NtCreateSymbolicLinkObject
NtCreateThread
NtCreateTimer
NtCreateToken
NtCreateWaitablePort
NtCurrentTeb
NtDebugActiveProcess
NtDebugContinue
NtDelayExecution
NtDeleteAtom
NtDeleteBootEntry
NtDeleteDriverEntry
NtDeleteFile
NtDeleteKey
NtDeleteObjectAuditAlarm
NtDeleteValueKey
NtDeviceIoControlFile
NtDisplayString
NtDuplicateObject
NtDuplicateToken
NtEnumerateBootEntries
NtEnumerateDriverEntries
NtEnumerateKey
NtEnumerateSystemEnvironmentValuesEx
NtEnumerateValueKey
NtExtendSection
NtFilterToken
NtFindAtom
NtFlushBuffersFile
NtFlushInstructionCache
NtFlushKey
NtFlushVirtualMemory
NtFlushWriteBuffer
NtFreeUserPhysicalPages
NtFreeVirtualMemory
NtFsControlFile
NtGetContextThread
NtGetCurrentProcessorNumber
NtGetDevicePowerState
NtGetPlugPlayEvent
NtGetTickCount
NtGetWriteWatch
NtImpersonateAnonymousToken
NtImpersonateClientOfPort
NtImpersonateThread
NtInitializeRegistry
NtInitiatePowerAction
NtIsProcessInJob
NtIsSystemResumeAutomatic
NtListenPort
NtLoadDriver
NtLoadKey
NtLoadKey2
NtLoadKeyEx
Nt
__iscsym
__iscsymf
__toascii
_alldiv
_alldvrm
_allmul
_alloca_probe
_allrem
_allshl
_allshr
_atoi64
_aulldiv
_aulldvrm
_aullrem
_aullshr
_chkstk
_CIcos
_CIlog
_CIpow
_CIsin
_CIsqrt
_fltused
_ftol
_i64toa
_i64tow
_itoa
_itow
_lfind
_ltoa
_ltow
_memccpy
_memicmp
_snprintf
_snwprintf
_splitpath
_strcmpi
_stricmp
_strlwr
_strnicmp
_strupr
_tolower
_toupper
_ui64toa
_ui64tow
_ultoa
_ultow
_vscwprintf
_vsnprintf
_vsnwprintf
_wcsicmp
_wcslwr
_wcsnicmp
_wcstoui64
_wcsupr
_wtoi
_wtoi64
_wtol
abs
atan
atoi
atol
bsearch
ceil
cos
CsrAllocateCaptureBuffer
CsrAllocateMessagePointer
CsrCaptureMessageBuffer
CsrCaptureMessageMultiUnicodeStringsInPlace
CsrCaptureMessageString
CsrCaptureTimeout
CsrClientCallServer
CsrClientConnectToServer
CsrFreeCaptureBuffer
CsrGetProcessId
CsrIdentifyAlertableThread
CsrNewThread
CsrProbeForRead
CsrProbeForWrite
CsrSetPriorityClass
DbgBreakPoint
DbgPrint
DbgPrintEx
DbgPrintReturnControlC
DbgPrompt
DbgQueryDebugFilterState
DbgSetDebugFilterState
DbgUiConnectToDbg
DbgUiContinue
DbgUiConvertStateChangeStructure
DbgUiDebugActiveProcess
DbgUiGetThreadDebugObject
DbgUiIssueRemoteBreakin
DbgUiRemoteBreakin
DbgUiSetThreadDebugObject
DbgUiStopDebugging
DbgUiWaitStateChange
DbgUserBreakPoint
EtwControlTraceA
EtwControlTraceW
EtwCreateTraceInstanceId
EtwEnableTrace
EtwEnumerateTraceGuids
EtwFlushTraceA
EtwFlushTraceW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwNotificationRegistrationA
EtwNotificationRegistrationW
EtwpGetTraceBuffer
EtwpSetHWConfigFunction
EtwQueryAllTracesA
EtwQueryAllTracesW
EtwQueryTraceA
EtwQueryTraceW
EtwReceiveNotificationsA
EtwReceiveNotificationsW
EtwRegisterTraceGuidsA
EtwRegisterTraceGuidsW
EtwStartTraceA
EtwStartTraceW
EtwStopTraceA
EtwStopTraceW
EtwTraceEvent
EtwTraceEventInstance
EtwTraceMessage
EtwTraceMessageVa
EtwUnregisterTraceGuids
EtwUpdateTraceA
EtwUpdateTraceW
ExpInterlockedPopEntrySListEnd
ExpInterlockedPopEntrySListFault
ExpInterlockedPopEntrySListResume
fabs
floor
isalnum
isalpha
iscntrl
isdigit
isgraph
islower
isprint
ispunct
isspace
isupper
iswalpha
iswctype
iswdigit
iswlower
iswspace
iswxdigit
isxdigit
KiFastSystemCall
KiFastSystemCallRet
KiIntSystemCall
KiRaiseUserExceptionDispatcher
KiUserApcDispatcher
KiUserCallbackDispatcher
KiUserExceptionDispatcher
labs
LdrAccessOutOfProcessResource
LdrAccessResource
LdrAddRefDll
LdrAlternateResourcesEnabled
LdrCreateOutOfProcessImage
LdrDestroyOutOfProcessImage
LdrDisableThreadCalloutsForDll
LdrEnumerateLoadedModules
LdrEnumResources
LdrFindCreateProcessManifest
LdrFindEntryForAddress
LdrFindResource_U
LdrFindResourceDirectory_U
LdrFindResourceEx_U
LdrFlushAlternateResourceModules
LdrGetDllHandle
LdrGetDllHandleEx
LdrGetProcedureAddress
LdrHotPatchRoutine
LdrInitializeThunk
LdrInitShimEngineDynamic
LdrLoadAlternateResourceModule
LdrLoadDll
LdrLockLoaderLock
LdrOpenImageFileOptionsKey
LdrProcessRelocationBlock
LdrQueryImageFileExecutionOptions
LdrQueryImageFileExecutionOptionsEx
LdrQueryImageFileKeyOption
LdrQueryProcessModuleInformation
LdrSetAppCompatDllRedirectionCallback
LdrSetDllManifestProber
LdrShutdownProcess
LdrShutdownThread
LdrUnloadAlternateResourceModule
LdrUnloadDll
LdrUnlockLoaderLock
LdrVerifyImageMatchesChecksum
log
mbstowcs
memchr
memcmp
memcpy
memmove
memset
NlsAnsiCodePage
NlsMbCodePageTag
NlsMbOemCodePageTag
NtAcceptConnectPort
NtAccessCheck
NtAccessCheckAndAuditAlarm
NtAccessCheckByType
NtAccessCheckByTypeAndAuditAlarm
NtAccessCheckByTypeResultList
NtAccessCheckByTypeResultListAndAuditAlarm
NtAccessCheckByTypeResultListAndAuditAlarmByHandle
NtAddAtom
NtAddBootEntry
NtAddDriverEntry
NtAdjustGroupsToken
NtAdjustPrivilegesToken
NtAlertResumeThread
NtAlertThread
NtAllocateLocallyUniqueId
NtAllocateUserPhysicalPages
NtAllocateUuids
NtAllocateVirtualMemory
NtApphelpCacheControl
NtAreMappedFilesTheSame
NtAssignProcessToJobObject
NtCallbackReturn
NtCancelDeviceWakeupRequest
NtCancelIoFile
NtCancelTimer
NtClearEvent
NtClose
NtCloseObjectAuditAlarm
NtCompactKeys
NtCompareTokens
NtCompleteConnectPort
NtCompressKey
NtConnectPort
NtContinue
NtCreateDebugObject
NtCreateDirectoryObject
NtCreateEvent
NtCreateEventPair
NtCreateFile
NtCreateIoCompletion
NtCreateJobObject
NtCreateJobSet
NtCreateKey
NtCreateKeyedEvent
NtCreateMailslotFile
NtCreateMutant
NtCreateNamedPipeFile
NtCreatePagingFile
NtCreatePort
NtCreateProcess
NtCreateProcessEx
NtCreateProfile
NtCreateSection
NtCreateSemaphore
NtCreateSymbolicLinkObject
NtCreateThread
NtCreateTimer
NtCreateToken
NtCreateWaitablePort
NtCurrentTeb
NtDebugActiveProcess
NtDebugContinue
NtDelayExecution
NtDeleteAtom
NtDeleteBootEntry
NtDeleteDriverEntry
NtDeleteFile
NtDeleteKey
NtDeleteObjectAuditAlarm
NtDeleteValueKey
NtDeviceIoControlFile
NtDisplayString
NtDuplicateObject
NtDuplicateToken
NtEnumerateBootEntries
NtEnumerateDriverEntries
NtEnumerateKey
NtEnumerateSystemEnvironmentValuesEx
NtEnumerateValueKey
NtExtendSection
NtFilterToken
NtFindAtom
NtFlushBuffersFile
NtFlushInstructionCache
NtFlushKey
NtFlushVirtualMemory
NtFlushWriteBuffer
NtFreeUserPhysicalPages
NtFreeVirtualMemory
NtFsControlFile
NtGetContextThread
NtGetCurrentProcessorNumber
NtGetDevicePowerState
NtGetPlugPlayEvent
NtGetTickCount
NtGetWriteWatch
NtImpersonateAnonymousToken
NtImpersonateClientOfPort
NtImpersonateThread
NtInitializeRegistry
NtInitiatePowerAction
NtIsProcessInJob
NtIsSystemResumeAutomatic
NtListenPort
NtLoadDriver
NtLoadKey
NtLoadKey2
NtLoadKeyEx
Nt
最低0.47元/天 解锁文章
7497
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
