Content changes - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
Official Windows documentation: NtDoc now includes documentation from the official Windows Driver Kit DDI reference and parts of the Win32 API reference.
Process operations (#16): NtGetNextProcess, NtTerminateProcess, NtSuspendProcess, NtChangeProcessState.
Process information (#11): NtQueryInformationProcess, NtSetInformationProcess, and 100+ PROCESSINFOCLASS values.
Token operations (#8): Various operations on tokens, capabilities, and AppContainer SIDs. 47 pages, including: NtCreateTokenEx, NtOpenThreadTokenEx, NtQueryInformationToken, NtSetInformationToken, NtDuplicateToken.
Handle/object operations (#4): Object attributes and common handle operations. 33 pages, including: NtQueryObject, NtSetInformationObject, NtDuplicateObject, NtWaitForMultipleObjects, NtClose.
Thread operations (#3): Thread-related functions and types. 55 pages, including: NtCreateThreadEx, NtOpenThread, NtSuspendThread, NtResumeThread, NtQueryInformationThread.