[HideModuleNameAttribute]
public sealed class NtDll<HideModuleNameAttribute>
Public NotInheritable Class NtDll
Dim instance As NtDll[HideModuleNameAttribute]
public ref class NtDll sealed[<SealedAttribute>]
[<HideModuleNameAttribute>]
type NtDll = class endNo code example is currently available or this language may not be supported.| DbgBreakPoint | Breaks into the kernel debugger. |
| DbgPrompt | Displays a caller-specified user prompt string on the kernel debugger's display device and obtains a user response string. |
| Equals | Determines whether the specified object is equal to the current object. (Inherited from Object) |
| GetHashCode | Serves as the default hash function. (Inherited from Object) |
| GetType | Gets the Type of the current instance. (Inherited from Object) |
| NtClose |
Closes the specified object handle.
( NtClose(IntPtr) function is superseded by CloseHandle(IntPtr) function. )
Obsolete. |
| NtCreateSection(IntPtr, GenericAccessRights, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, GenericAccessRights, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, GenericAccessRights, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, GenericAccessRights, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, SectionAccessRights, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, SectionAccessRights, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, SectionAccessRights, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, SectionAccessRights, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, StandardAccessRights, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, StandardAccessRights, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, StandardAccessRights, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, StandardAccessRights, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, UInt32, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, UInt32, ObjectAttributes, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, UInt32, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, SafeFileHandle) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtCreateSection(IntPtr, UInt32, IntPtr, UInt64, MemoryProtectionOptions, SectionAttributes, IntPtr) | Creates a section object. A section object represents a section of memory that can be shared. A process can use a section object to share parts of its memory address space (memory sections) with other processes. Section objects also provide the mechanism by which a process can map a file into its memory address space. Each memory section has one or more corresponding views. A view of a section is a part of the section that is actually visible to a process. The act of creating a view for a section is known as mapping a view of the section. Each process that is manipulating the contents of a section has its own view; a process can also have multiple views (to the same or different sections). |
| NtExtendSection | Extends the size of an existing section object. |
| NtFreezeRegistry | Pauses registry data flushes for the specified time period. The function uses a timer to automaticaly unblock the flushes, so there's no need to manually call NtThawRegistry, unless you want to end the pause during the timeout period. |
| NtMapViewOfSection(IntPtr, SafeProcessHandle, IntPtr, IntPtr, IntPtr, Int64, UIntPtr, SectionInherit, MemoryAllocationType, MemoryProtectionOptions) | Maps a view of a section into the virtual address space of a subject process. |
| NtMapViewOfSection(IntPtr, IntPtr, IntPtr, IntPtr, IntPtr, Int64, UIntPtr, SectionInherit, MemoryAllocationType, MemoryProtectionOptions) | Maps a view of a section into the virtual address space of a subject process. |
| NtOpenEvent(IntPtr, EventAccessRights, ObjectAttributes) | Opens a handle to an existing named event object with the specified desired access. |
| NtOpenEvent(IntPtr, GenericAccessRights, ObjectAttributes) | Opens a handle to an existing named event object with the specified desired access. |
| NtOpenEvent(IntPtr, StandardAccessRights, ObjectAttributes) | Opens a handle to an existing named event object with the specified desired access. |
| NtOpenEvent(IntPtr, UInt32, ObjectAttributes) | Opens a handle to an existing named event object with the specified desired access. |
| NtOpenSection(IntPtr, GenericAccessRights, IntPtr) | Opens a handle for an existing section object. |
| NtOpenSection(IntPtr, SectionAccessRights, IntPtr) | Opens a handle for an existing section object. |
| NtOpenSection(IntPtr, StandardAccessRights, IntPtr) | Opens a handle for an existing section object. |
| NtOpenSection(IntPtr, UInt32, IntPtr) | Opens a handle for an existing section object. |
| NtQueryInformationProcess | Retrieves information about the specified process. |
| NtQueryMutex(IntPtr, MutexInformationClass, MutexBasicInformation, Int32, Int32) | Queries a mutual exclusion (Mutex) object. |
| NtQueryMutex(IntPtr, MutexInformationClass, MutexOwnerInformation, Int32, Int32) | Queries a mutual exclusion (Mutex) object. |
| NtRaiseHardError | This function sends HARDERROR_MSG LPC message to listener (typically CSRSS.EXE). This function is called to cause a BSOD (Blue Screen of Death) with specific information. |
| NtResumeProcess | Resumes a suspended process. To suspend a process, call NtSuspendProcess(IntPtr) function. |
| NtSetEvent | Sets an event object to a Signaled state and attempts to satisfy as many waits as possible. |
| NtSuspendProcess | Suspends a process. When you suspend a process, all the threads of the process will be set to a suspended state. This cuts off code execution until we resume the process, which consists of resuming each thread under the process which was put into a suspended state. |
| NtThawRegistry | Cancels any registry thawing and restores normal data flushing. To pause registry data flushes for a specified time period, call NtFreezeRegistry(UInt64) function. |
| NtUnmapViewOfSection(IntPtr, IntPtr) | Unmaps a view of a section from the virtual address space of a subject process. |
| NtUnmapViewOfSection(SafeProcessHandle, IntPtr) | Unmaps a view of a section from the virtual address space of a subject process. |
| RtlAdjustPrivilege | Enables or disables a privilege from the calling thread or process. Enabling or disabling privileges requires AdjustPrivileges access. |
| RtlComputeCrc32 | Calculate the CRC-32 checksum of a block of bytes. |
| RtlCrc32 | Calculates the CRC-32 checksum for a block of bytes. |
| RtlCrc64 | Calculates the CRC-64 checksum for a block of bytes. |
| RtlRandomEx | Generates a uniform random number between 0 (zero) to UInt32 -1 |
| RtlUniform | Generates a uniform random number using D.H. Lehmer's 1948 algorithm, between 0 (zero) to UInt32 |
| SetCurrentProcessIsCritical | Establish the current process to be considered a critical process. When attempting to terminate a critical process, brings down the system in a controlled manner. |
| ToString | Returns a string that represents the current object. (Inherited from Object) |
| CanConvertTo |
Determines whether the source object can be converted to the specified target type.
(Defined by ObjectExtensions) |
| CanConvertToT |
Determines whether the source object can be converted to the specified target type.
(Defined by ObjectExtensions) |
| ConvertToT |
Converts an object to the specified target type.
If the conversion fails, an exception is thrown.
(Defined by ObjectExtensions) |
| ConvertToT |
Converts an object to the specified target type.
If the conversion fails, returns the specified default value.
(Defined by ObjectExtensions) |
| IsDisposable |
Determines whether the specified object is a disposable type
(i.e., it implements IDisposable interface).
(Defined by ObjectExtensions) |
| Speak |
Speaks the string representation of the source object by using the
operating system integrated text-to-speech synthesizer.
(Defined by ObjectExtensions) |
| Speak |
Speaks the string representation of the source object by using the
operating system integrated text-to-speech synthesizer.
(Defined by ObjectExtensions) |
| ThrowIfNullTException |
Throws the specified exception if the source object is null.
(Defined by ObjectExtensions) |