Windows内核态SSDT-hook实现进程隐藏和文件隐藏，代码很规整，学习内核编程的好例子 -a good example of studying kernel programing or driver developing, SSDT hook

HOOK SSDT 不让创建文件初学者看。高手飘过-HOOK SSDT Not to create the file。master drifting away

统计系统调用NtCreateFile次数，此程序将此次数从内核态返回至用户态-NtCreateFile statistical system call number, the program returns this number from user mode to kernel mode