how to create a process which will run in kernel level in windows?

I want to create a kernel level of process for windows (Ring 0) but i don't know where to start from. I want to know which SDK is required 开发者_运维百科and any tutorial showing its implementation would be helpful.

The SDK is the Windows Driver Kit and documentation here. As a correction to your question, at kernel mode you can't use processes, since kernel-mode drivers run as part of the operating system's executive. You can create kernel threads though.

You are asking this in conjunction with how to create a process which is not visible in task manager or services list

Creating a kernel mode solution is going to be so much overhead to do what you want that it is really not the solution. Creating a driver as a substitute for a typical user mode desktop application is not as straight-forward as it sounds.

You should either:

1. Use Windows security to restrict users
2. Write your app as a service (this is still even not a good solution imo because admins can stop it and it sees 'activity' at a different level than a desktop app)
3. Do some basic trick to prevent closing, such as two sentinel processes that watch each other and keep each other alive.

You can create system threads as pointed by Shinnok. Windows does not have facilities for what you are trying to do.