|
We can use ToolHelp API with CreateToolhelp32Snapshot, ThreadFirst, ThreadNext, OpenThread... functions to obtain threadID, threadHandle of all threads in a process which have processID obtained from GetWindowThreadProcessId, OpenProcess.
Some threads have security descriptor which not allow SuspendThread, ResumeThread. We can use the Get/SetSecurityInfo functions to see and change security descriptor of those threads.
|