GET /api/featured_api/625/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"url": "https://unprotect.it/api/featured_api/625/?format=api",
"library": {
"id": 2,
"name": "NTDLL.DLL",
"description": ""
},
"name": "NtQueryInformationProcess",
"ref_link": "https://learn.microsoft.com/en-us/windows/win32/api/winternl/nf-winternl-ntqueryinformationprocess",
"from_msdn": true,
"caution_level": "high",
"description": "GPT\r\nThe NtQueryInformationProcess function, along with the data structures it provides, are internal to Windows and can change with different versions of the operating system. To ensure your application remains compatible, it's better to use the public functions recommended in the ProcessInformationClass parameter's description.\r\n\r\nIf you still choose to use NtQueryInformationProcess, access it through run-time dynamic linking. This method allows your code to adapt if the function is altered or removed in future Windows releases. Be aware, though, that changes in the function's signature might not be detectable.\r\n\r\nThis function isn't included in any import library. To use it, you need to dynamically link to Ntdll.dll using the LoadLibrary and GetProcAddress functions.",
"featured_in": [
{
"id": 358,
"name": "Process Argument Spoofing",
"url": "https://unprotect.it/technique/process-argument-spoofing/"
}
]
}
