Windows Kernel Documentation

Windows Kernel

The Windows Kernel is the core component of the Microsoft Windows operating system. It provides the fundamental services upon which all other parts of the OS and applications rely. This section provides an overview and access to documentation for the Kernel APIs.

Key responsibilities of the kernel include:

  • Process and thread scheduling
  • Memory management
  • Inter-process communication (IPC)
  • Input/Output (I/O) management
  • Security enforcement
  • Hardware abstraction

Process & Thread Management

APIs for creating, managing, and terminating processes and threads. This includes scheduling, synchronization primitives, and thread-local storage.

Key APIs:

  • CreateProcess
  • OpenThread
  • TerminateProcess
  • WaitForSingleObject
  • CreateMutex


Memory Management

Functions for allocating, deallocating, and manipulating virtual and physical memory. Covers heap management, virtual memory functions, and memory-mapped files.

Key APIs:

  • VirtualAlloc
  • HeapAlloc
  • VirtualFree
  • MapVirtualMemory


I/O Subsystem

APIs related to the Windows I/O Manager, device drivers, and file system interactions. These APIs enable applications to interact with hardware devices and the file system.

Key APIs:

  • CreateFile
  • ReadFile
  • WriteFile
  • DeviceIoControl


Security

APIs for managing security descriptors, access tokens, and auditing. Essential for implementing robust security features in applications.

Key APIs:

  • GetSecurityInfo
  • SetSecurityInfo
  • OpenProcessToken
  • ImpersonateUser


Registry

Functions for accessing and manipulating the Windows Registry, a hierarchical database storing configuration settings.

Key APIs:

  • RegOpenKeyEx
  • RegQueryValueEx
  • RegSetValueEx
  • RegCloseKey


System Information

APIs to retrieve information about the system, including hardware, operating system version, and performance counters.

Key APIs:

  • GetSystemInfo
  • GetVersionEx
  • GetTickCount64


Driver Development

Resources and documentation for developers creating kernel-mode drivers, including the Windows Driver Model (WDM) and Windows Driver Frameworks (WDF).

Key Concepts:

  • Kernel-Mode vs. User-Mode
  • Driver Entry Points
  • IRPs (I/O Request Packets)
  • Driver Verifier
