Category: ntquerysection

Breaking Down System Routines #1 [NtQuerySection]

NtQuerySection is a system routine for the Windows operating system that queries information related to a section object and provides the information regarding that object by filling a buffer passed to the function. As an important note, all disassembly and reversing took place on Windows 10 x64 Professional. It requires 4 arguments, 5 if you […]

Read More