Content /...

The package madKernel is about Kernel Objects for the biggest part. The most important object types are wrapped up in nice interfaces, utilizing all the specific kernel32 APIs and also utilizing a whole lot of undocumented stuff. You often won't notice the undocumented parts of madKernel, though, because all what you can do seems natural and logical. There are simply a lot of holes in the win32 API, which madKernel has to fill in order to make the interfaces complete. Just one example: The well known API "ShellExecuteEx" can give you a process handle of the newly created process. But what process ID does the process have? The win32 API *should* contain an API like "ProcessHandleToProcessID", but it doesn't. So madKernel uses undocumented stuff to fill the holes.

madKernel has nice interface wrappers for Events and Mutexes and for Threads and Processes. Furthermore, also some other basic elements of Windows are covered, like Windows, Modules and Tray Icons. Those elements are no Kernel Objects, but they're really important, so madKernel supports them, too.

Most of the time, you handle Kernel Objects through kernel Handles. E.g. almost all win32 APIs want to have Handles. So madKernel wraps up kernel Handles in nice interfaces, too.

Finally we have a little bonus interface. When trying to establish a conversation between different Modules or between different Processes it's often useful to have a shared memory area, which can be accessed through a system wide unique name. For that purpose the win32 API offers named file mapping objects, which madKernel wraps up with an interface called Named Buffer.

A quick reference of what is contained in madKernel can be found in the madKernel Reference.

Kernel Objects Handles Events and Mutexes Threads Processes Windows Tray Icons Modules Named Buffer

madKernel is free for non-commercial usage (only).

You can find more information including the full download at