Process Enumeration (1)
Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at
raw_sources/offensive-security/Process Enumeration (1).md.
Status: catalogued
Excerpt
Module 34 - Process Enumeration - NtQuerySystemInformation This module discusses a more unique way of performing process enumeration using
NtQuerySystemInformation, which is a syscall (more on syscalls later).NtQuerySystemInformationis exported from thentdll.dllmodule and therefore it will require the use ofGetModuleHandleandGetProcAddress. [Microsoft’s documentation](https://…
Likely wiki targets
Pending — this source has not yet been distilled into wiki pages. Future ingest can populate links to the concept / technique / CVE pages this material would inform.