Comment by asveikau
7 years ago
It's hard to know what specifically he means to have been copied. But it would not surprise me if a lot of "impossibly" identical structure member names have been published as ntoskrnl.pdb (kernel debug symbols).
I have also seen some pretty good reverse engineering of nt native APIs out there.
No comments yet
Contribute on Hacker News ↗