NT FileManagement functions

I have been analysing Ntdll file system functions from the total ntdll function list. First, I obtain the total function li开发者_StackOverflow中文版st from ntdlls export directory. Next, I seperated the file management set from the total function list and tried hooking the entire file management set.

However, I miss to hook a function, which i dint know. Hence I could not catch an API which takes Path as an input and performing a directory management functionality.

Is there anywhere you find/Know related information having the complete set of file management functions in NTDLL.

Probably you should implement an File System Filter Drivers (see http://www.microsoft.com/whdc/driver/filterdrv/default.mspx) instead of hooking of all possible undocumented file management functions from ntdll.dll