Mirrors/hidden
6
0
Fork 0
mirror of https://github.com/JKornev/hidden synced 2024-06-30 19:02:03 +00:00
Code Issues Projects Releases Wiki Activity
0332732253
hidden/Hidden/PsTable.h
JKornev 98014e750e Major changes 
- Fixed BSOD on driver deinitialization step
- Fixed resources leak in the reg filter
- Fixed path normalization function
- Added support for inherit type in predefined process monitor configs
- Added support for opening protected processes by subsystem
- Added tests for protected processes
and other little fixes
2016-10-11 00:45:07 +03:00

27 lines
657 B
C
Raw Blame History

#pragma once
#include <Ntddk.h>
typedef struct _ProcessTableEntry {
HANDLE processId;
BOOLEAN excluded;
ULONG inheritExclusion;
BOOLEAN protected;
ULONG inheritProtection;
BOOLEAN subsystem;
BOOLEAN inited;
} ProcessTableEntry, *PProcessTableEntry;
NTSTATUS InitializeProcessTable(VOID(*InitProcessEntryCallback)(PProcessTableEntry, PCUNICODE_STRING, HANDLE));
VOID DestroyProcessTable();
BOOLEAN AddProcessToProcessTable(PProcessTableEntry entry);
BOOLEAN RemoveProcessFromProcessTable(PProcessTableEntry entry);
BOOLEAN GetProcessInProcessTable(PProcessTableEntry entry);
BOOLEAN UpdateProcessInProcessTable(PProcessTableEntry entry);
Reference in New Issue View Git Blame Copy Permalink