I'd like to know if and how I can access API calls inside the kernel. I need them to preform several integrity checks on a program of mine running in user mode. But I don't know how I can access the APIs and function开发者_开发技巧s required to do so.
How do I obtain the process id of my user mode process? And how do I access all its memory to preform the check?
PS: I'm on a Windows XP machine.
Yes, you can do that by creating a kernel mode driver and then communicating with your user mode process from the kernel space. You can refer this document for detailed information.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论