NtQuerySystemInformation

Introduction

NtQuerySystemInformation use the vaguely documented structure: SYSTEM_PROCESS_INFORMATION, many of the parameters are reserved to hide the functionality.

Here is a reference to use for SYSTEM_PROCESS_INFORMATION:

https://github.com/winsiderss/systeminformer/blob/master/phnt/include/ntexapi.h#L1736
PreviousCreateToolhelp32SnapshotNextDLL Enumeration

Last updated