|
| NTSTATUS NTAPI | KphConnect (_In_opt_ PWSTR DeviceName) |
| |
| NTSTATUS NTAPI | KphConnect2 (_In_opt_ PWSTR DeviceName, _In_ PWSTR FileName) |
| |
| NTSTATUS NTAPI | KphConnect2Ex (_In_opt_ PWSTR DeviceName, _In_ PWSTR FileName, _In_opt_ PKPH_PARAMETERS Parameters) |
| |
| NTSTATUS NTAPI | KphDisconnect (VOID) |
| |
| BOOLEAN NTAPI | KphIsConnected (VOID) |
| |
| NTSTATUS NTAPI | KphSetParameters (_In_opt_ PWSTR DeviceName, _In_ PKPH_PARAMETERS Parameters) |
| |
| NTSTATUS NTAPI | KphInstall (_In_opt_ PWSTR DeviceName, _In_ PWSTR FileName) |
| |
| NTSTATUS NTAPI | KphInstallEx (_In_opt_ PWSTR DeviceName, _In_ PWSTR FileName, _In_opt_ PKPH_PARAMETERS Parameters) |
| |
| NTSTATUS NTAPI | KphUninstall (_In_opt_ PWSTR DeviceName) |
| |
| NTSTATUS NTAPI | KphGetFeatures (_Out_ PULONG Features) |
| |
| NTSTATUS NTAPI | KphOpenProcess (_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ PCLIENT_ID ClientId) |
| |
| NTSTATUS NTAPI | KphOpenProcessToken (_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle) |
| |
| NTSTATUS NTAPI | KphOpenProcessJob (_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE JobHandle) |
| |
| NTSTATUS NTAPI | KphSuspendProcess (_In_ HANDLE ProcessHandle) |
| |
| NTSTATUS NTAPI | KphResumeProcess (_In_ HANDLE ProcessHandle) |
| |
| NTSTATUS NTAPI | KphTerminateProcess (_In_ HANDLE ProcessHandle, _In_ NTSTATUS ExitStatus) |
| |
| NTSTATUS NTAPI | KphReadVirtualMemory (_In_ HANDLE ProcessHandle, _In_ PVOID BaseAddress, _Out_writes_bytes_(BufferSize) PVOID Buffer, _In_ SIZE_T BufferSize, _Out_opt_ PSIZE_T NumberOfBytesRead) |
| |
| NTSTATUS NTAPI | KphWriteVirtualMemory (_In_ HANDLE ProcessHandle, _In_opt_ PVOID BaseAddress, _In_reads_bytes_(BufferSize) PVOID Buffer, _In_ SIZE_T BufferSize, _Out_opt_ PSIZE_T NumberOfBytesWritten) |
| |
| NTSTATUS NTAPI | KphReadVirtualMemoryUnsafe (_In_opt_ HANDLE ProcessHandle, _In_ PVOID BaseAddress, _Out_writes_bytes_(BufferSize) PVOID Buffer, _In_ SIZE_T BufferSize, _Out_opt_ PSIZE_T NumberOfBytesRead) |
| |
| NTSTATUS NTAPI | KphQueryInformationProcess (_In_ HANDLE ProcessHandle, _In_ KPH_PROCESS_INFORMATION_CLASS ProcessInformationClass, _Out_writes_bytes_(ProcessInformationLength) PVOID ProcessInformation, _In_ ULONG ProcessInformationLength, _Out_opt_ PULONG ReturnLength) |
| |
| NTSTATUS NTAPI | KphSetInformationProcess (_In_ HANDLE ProcessHandle, _In_ KPH_PROCESS_INFORMATION_CLASS ProcessInformationClass, _In_reads_bytes_(ProcessInformationLength) PVOID ProcessInformation, _In_ ULONG ProcessInformationLength) |
| |
| NTSTATUS NTAPI | KphOpenThread (_Out_ PHANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ PCLIENT_ID ClientId) |
| |
| NTSTATUS NTAPI | KphOpenThreadProcess (_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE ProcessHandle) |
| |
| NTSTATUS NTAPI | KphTerminateThread (_In_ HANDLE ThreadHandle, _In_ NTSTATUS ExitStatus) |
| |
| NTSTATUS NTAPI | KphTerminateThreadUnsafe (_In_ HANDLE ThreadHandle, _In_ NTSTATUS ExitStatus) |
| |
| NTSTATUS NTAPI | KphGetContextThread (_In_ HANDLE ThreadHandle, _Inout_ PCONTEXT ThreadContext) |
| |
| NTSTATUS NTAPI | KphSetContextThread (_In_ HANDLE ThreadHandle, _In_ PCONTEXT ThreadContext) |
| |
| NTSTATUS NTAPI | KphCaptureStackBackTraceThread (_In_ HANDLE ThreadHandle, _In_ ULONG FramesToSkip, _In_ ULONG FramesToCapture, _Out_writes_(FramesToCapture) PVOID *BackTrace, _Out_opt_ PULONG CapturedFrames, _Out_opt_ PULONG BackTraceHash) |
| |
| NTSTATUS NTAPI | KphQueryInformationThread (_In_ HANDLE ThreadHandle, _In_ KPH_THREAD_INFORMATION_CLASS ThreadInformationClass, _Out_writes_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength, _Out_opt_ PULONG ReturnLength) |
| |
| NTSTATUS NTAPI | KphSetInformationThread (_In_ HANDLE ThreadHandle, _In_ KPH_THREAD_INFORMATION_CLASS ThreadInformationClass, _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength) |
| |
| NTSTATUS NTAPI | KphEnumerateProcessHandles (_In_ HANDLE ProcessHandle, _Out_writes_bytes_(BufferLength) PVOID Buffer, _In_opt_ ULONG BufferLength, _Out_opt_ PULONG ReturnLength) |
| |
| NTSTATUS NTAPI | KphEnumerateProcessHandles2 (_In_ HANDLE ProcessHandle, _Out_ PKPH_PROCESS_HANDLE_INFORMATION *Handles) |
| |
| NTSTATUS NTAPI | KphQueryInformationObject (_In_ HANDLE ProcessHandle, _In_ HANDLE Handle, _In_ KPH_OBJECT_INFORMATION_CLASS ObjectInformationClass, _Out_writes_bytes_(ObjectInformationLength) PVOID ObjectInformation, _In_ ULONG ObjectInformationLength, _Out_opt_ PULONG ReturnLength) |
| |
| NTSTATUS NTAPI | KphSetInformationObject (_In_ HANDLE ProcessHandle, _In_ HANDLE Handle, _In_ KPH_OBJECT_INFORMATION_CLASS ObjectInformationClass, _In_reads_bytes_(ObjectInformationLength) PVOID ObjectInformation, _In_ ULONG ObjectInformationLength) |
| |
| NTSTATUS NTAPI | KphDuplicateObject (_In_ HANDLE SourceProcessHandle, _In_ HANDLE SourceHandle, _In_opt_ HANDLE TargetProcessHandle, _Out_opt_ PHANDLE TargetHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ULONG HandleAttributes, _In_ ULONG Options) |
| |
| NTSTATUS NTAPI | KphOpenDriver (_Out_ PHANDLE DriverHandle, _In_ POBJECT_ATTRIBUTES ObjectAttributes) |
| |
| NTSTATUS NTAPI | KphQueryInformationDriver (_In_ HANDLE DriverHandle, _In_ DRIVER_INFORMATION_CLASS DriverInformationClass, _Out_writes_bytes_(DriverInformationLength) PVOID DriverInformation, _In_ ULONG DriverInformationLength, _Out_opt_ PULONG ReturnLength) |
| |
| NTSTATUS NTAPI | KphInitializeDynamicPackage (_Out_ PKPH_DYN_PACKAGE Package) |
| |
1.8.2