_process_8h_source.html

#pragma once


//                 Functions                    //


VOID

ProcessEnableOrDisableThreadChangeMonitor(PROCESSOR_DEBUGGING_STATE * DbgState,

                                          BOOLEAN                     Enable,

                                          BOOLEAN                     IsSwitchByClockIntrrupt);


VOID

ProcessTriggerCr3ProcessChange(UINT32 CoreId);


BOOLEAN

ProcessHandleProcessChange(PROCESSOR_DEBUGGING_STATE * DbgState);


BOOLEAN

ProcessInterpretProcess(PROCESSOR_DEBUGGING_STATE * DbgState, PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET PidRequest);


BOOLEAN

ProcessCheckIfEprocessIsValid(UINT64 Eprocess, UINT64 ActiveProcessHead, ULONG ActiveProcessLinksOffset);


BOOLEAN

ProcessQueryCount(PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS DebuggerUsermodeProcessOrThreadQueryRequest);


BOOLEAN

ProcessQueryList(PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS DebuggerUsermodeProcessOrThreadQueryRequest,

                 PVOID                                       AddressToSaveDetail,

                 UINT32                                      BufferSize);


BOOLEAN

ProcessQueryDetails(PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET GetInformationProcessRequest);

BOOLEAN
UCHAR BOOLEAN
Definition BasicTypes.h:39

VOID
#define VOID
Definition BasicTypes.h:33

UINT64
unsigned __int64 UINT64
Definition BasicTypes.h:21

UINT32
unsigned int UINT32
Definition BasicTypes.h:48

ULONG
unsigned long ULONG
Definition BasicTypes.h:37

ProcessQueryList
BOOLEAN ProcessQueryList(PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS DebuggerUsermodeProcessOrThreadQueryRequest, PVOID AddressToSaveDetail, UINT32 BufferSize)
Query process details (list)
Definition Process.c:649

ProcessTriggerCr3ProcessChange
VOID ProcessTriggerCr3ProcessChange(UINT32 CoreId)
handle process changes for cr3 registers
Definition Process.c:22

ProcessInterpretProcess
BOOLEAN ProcessInterpretProcess(PROCESSOR_DEBUGGING_STATE *DbgState, PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET PidRequest)
change the current process @detail ONLY TO BE USED IN KD STUFFS
Definition Process.c:525

ProcessQueryCount
BOOLEAN ProcessQueryCount(PDEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS DebuggerUsermodeProcessOrThreadQueryRequest)
Query process details (count)
Definition Process.c:616

ProcessCheckIfEprocessIsValid
BOOLEAN ProcessCheckIfEprocessIsValid(UINT64 Eprocess, UINT64 ActiveProcessHead, ULONG ActiveProcessLinksOffset)
checks whether the given nt!_EPROCESS is valid or not
Definition Process.c:264

ProcessHandleProcessChange
BOOLEAN ProcessHandleProcessChange(PROCESSOR_DEBUGGING_STATE *DbgState)
handle process changes
Definition Process.c:42

ProcessEnableOrDisableThreadChangeMonitor
VOID ProcessEnableOrDisableThreadChangeMonitor(PROCESSOR_DEBUGGING_STATE *DbgState, BOOLEAN Enable, BOOLEAN IsSwitchByClockIntrrupt)
Enable or disable the process change monitoring detection on the running core.
Definition Process.c:220

ProcessQueryDetails
BOOLEAN ProcessQueryDetails(PDEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET GetInformationProcessRequest)
Query process details.
Definition Process.c:675

_DEBUGGEE_DETAILS_AND_SWITCH_PROCESS_PACKET
The structure of changing process and show process packet in HyperDbg.
Definition RequestStructures.h:924

_DEBUGGER_QUERY_ACTIVE_PROCESSES_OR_THREADS
request for query count of active processes and threads
Definition RequestStructures.h:742

_PROCESSOR_DEBUGGING_STATE
Saves the debugger state.
Definition State.h:165