windows-nt

Official Documentation for hidden NT driver functions


I'd love to know where some of the hidden functions that aren't officially in the open kernel are documented.

The current WinAPI and NTAPI documentation lacks these functions.

#include <ntapi.h>

Nothing is even documented in the files.

Solution

  • There are plenty of functions in the NTAPI that are not documented, primarily because they could be subject to change at any point during Microsoft's implementation. An example like NtCreateProcess, I believe, is undocumented. So are NtQueryProcessInformation, NtDelayExecution and many, many more. One place you can look for undocumented functions is NtInternals. Also, reversing kernel modules or even ntdll can help you discover some undocumented functions.
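
A starting point for the ntdll route mentioned in the answer above is the DLL's export name table. The parser below is an added example, not part of the original answer and not Microsoft code; `export_names`, `nt_names` and `build_sample` are names made up here, and the sample image is constructed so the code runs without a Windows DLL.

```python
import struct

def export_names(data):
    """Return the names listed in a PE image's export name table."""
    pe, = struct.unpack_from("<I", data, 0x3C)           # e_lfanew
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, = struct.unpack_from("<H", data, pe + 6)       # NumberOfSections
    opt_size, = struct.unpack_from("<H", data, pe + 20)  # SizeOfOptionalHeader
    opt = pe + 24
    magic, = struct.unpack_from("<H", data, opt)
    # Data directories start 112 bytes into a PE32+ optional header, 96 in PE32.
    exp_rva, _ = struct.unpack_from("<II", data, opt + (112 if magic == 0x20B else 96))
    # Per section: VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData.
    secs = [struct.unpack_from("<IIII", data, opt + opt_size + 40 * i + 8)
            for i in range(nsec)]

    def off(rva):  # map an RVA to a file offset through the section table
        for vsize, va, rsize, raw in secs:
            if va <= rva < va + max(vsize, rsize):
                return raw + rva - va
        raise ValueError("RVA 0x%x is outside every section" % rva)

    if exp_rva == 0:                                     # image exports nothing
        return []
    exp = off(exp_rva)
    count, = struct.unpack_from("<I", data, exp + 24)    # NumberOfNames
    table = off(struct.unpack_from("<I", data, exp + 32)[0])  # AddressOfNames
    names = []
    for i in range(count):
        s = off(struct.unpack_from("<I", data, table + 4 * i)[0])
        names.append(data[s:data.index(b"\0", s)].decode("ascii"))
    return names

def nt_names(data):
    """Nt*/Zw* exports only: the system-call stubs to compare against the docs."""
    return sorted(n for n in export_names(data) if n.startswith(("Nt", "Zw")))

def build_sample(names):
    """Constructed PE32+ image: one section at RVA 0x1000, file offset 0x200."""
    hdr = bytearray(0x200)
    hdr[0:2], hdr[0x40:0x44] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", hdr, 0x3C, 0x40)              # e_lfanew
    struct.pack_into("<HH", hdr, 0x44, 0x8664, 1)        # Machine, NumberOfSections
    struct.pack_into("<HHH", hdr, 0x54, 240, 0, 0x20B)   # opt size, flags, PE32+ magic
    sec = bytearray(40 + 4 * len(names))                 # export dir + name pointers
    struct.pack_into("<III", sec, 24, len(names), 0, 0x1000 + 40)
    for i, n in enumerate(names):
        struct.pack_into("<I", sec, 40 + 4 * i, 0x1000 + len(sec))
        sec += n.encode("ascii") + b"\0"
    struct.pack_into("<II", hdr, 0xC8, 0x1000, len(sec)) # export data directory
    struct.pack_into("<IIII", hdr, 0x150, len(sec), 0x1000, len(sec), 0x200)
    return bytes(hdr + sec)
```

On a Windows machine, pass the bytes of ntdll.dll to `nt_names` instead of the constructed sample and check the resulting names against the published documentation.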