|
|
@ -16,10 +16,11 @@ header only kernel utils library - completely self dependent - no imports - no s
|
|
|
|
|
|
|
|
|
|
|
|
### Functions
|
|
|
|
### Functions
|
|
|
|
|
|
|
|
|
|
|
|
* PVOID KUtils::Driver::GetKernelBase(VOID) - Get the base address of the kernel.
|
|
|
|
* `PVOID KUtils::Driver::GetKernelBase(VOID)` - Get the base address of the kernel.
|
|
|
|
* PDRIVER_OBJECT KUtils::Driver::GetDriverObject(CONST WCHAR* pwszDriverName) - Get driver object given the name of the driver.
|
|
|
|
* `PDRIVER_OBJECT KUtils::Driver::GetDriverObject(CONST WCHAR* pwszDriverName)` - Get driver object given the name of the driver.
|
|
|
|
* HANDLE KUtils::Process::GetPid(CONST WCHAR* pwszProcessName) - get pid given a process file name.
|
|
|
|
* `HANDLE KUtils::Process::GetPid(CONST WCHAR* pwszProcessName)` - get pid given a process file name.
|
|
|
|
* PVOID KUtils::Process:GetProcessBase(HANDLE hPid) - get process base address given pid.
|
|
|
|
* `PVOID KUtils::Process:GetProcessBase(HANDLE hPid)` - get process base address given pid.
|
|
|
|
* VOID KUtils::Process::ForEachProcess(PsCallbackPtr lpCallback) - pass a callback to loop over each process.
|
|
|
|
* `VOID KUtils::Process::ForEachProcess(PsCallbackPtr lpCallback)` - pass a callback to loop over each process.
|
|
|
|
* VOID KUtils::Process::ForEachThread(HANDLE hPid, TdCallbackPtr lpCallback) - pass a callback and pid to loop over each thread in that process.
|
|
|
|
* `VOID KUtils::Process::ForEachThread(HANDLE hPid, TdCallbackPtr lpCallback)` - pass a callback and pid to loop over each thread in that process.
|
|
|
|
* VOID KUtils::Process::GetModuleBase(HANDLE hPid, CONST WCHAR* pwszModuleName) - gets module base base for a module in a given process.
|
|
|
|
* `VOID KUtils::Process::GetModuleBase(HANDLE hPid, CONST WCHAR* pwszModuleName)` - gets module base base for a module in a given process.
|
|
|
|
|
|
|
|
* `LPVOID KUtils::Signature::Scan(LPVOID lpBase, ULONG nSize, CONST CHAR* pszPattern, CONST CHAR* pszMask)`
|
|
|
|
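Review bot: The new `KUtils::Signature::Scan` entry at the end of the list is the only function without a description. Please state the pattern and mask format it expects (for example which mask character marks a wildcard byte) and what it returns when nothing matches, since callers scanning kernel memory need to know whether to check for NULL. While the list is being reformatted, two existing entries carry errors into the backticked versions: `KUtils::Process:GetProcessBase` has a single colon where the scope operator `::` is needed, and `GetModuleBase` is documented as returning `VOID` while its description says it "gets module base base", so the return type is probably wrong and the word "base" is duplicated.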