diff --git a/README.md b/README.md
index e23eb66..18470de 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,137 @@
 # NTV02_CriticalProcess
-NTAPI系统关键进程视频源代码
+NTAPI系统关键进程视频源代码,用于演示未公开的API
+ - RtlSetProcessIsCritical
+ - RtlSetThreadIsCritical
+ - NtQueryInformationProcess
+
+## 关于RtlSetProcessIsCritical
+
+### 函数原型
+```c++
+VOID RtlSetProcessIsCritical(BOOLEAN NewValue, PBOOLEAN OldValue, BOOLEAN IsWinlogon);
+```
+
+## 关于RtlSetThreadIsCritical
+
+### 函数原型
+```c++
+VOID RtlSetThreadIsCritical(BOOLEAN NewValue, PBOOLEAN OldValue, BOOLEAN IsWinlogon);
+```
+
+## 关于NtQueryInformationProcess
+
+### 函数原型
+```c++
+NTSTATUS NtQueryInformationProcess(IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, OUT PVOID ProcessInformation, IN ULONG ProcessInformationLength, OUT PULONG ReturnLength);
+```
+
+### 未导出类型
+```c++
+enum PROCESSINFOCLASS
+{
+ ProcessBasicInformation = 0x00,
+ ProcessQuotaLimits = 0x01,
+ ProcessIoCounters = 0x02,
+ ProcessVmCounters = 0x03,
+ ProcessTimes = 0x04,
+ ProcessBasePriority = 0x05,
+ ProcessRaisePriority = 0x06,
+ ProcessDebugPort = 0x07,
+ ProcessExceptionPort = 0x08,
+ ProcessAccessToken = 0x09,
+ ProcessLdtInformation = 0x0A,
+ ProcessLdtSize = 0x0B,
+ ProcessDefaultHardErrorMode = 0x0C,
+ ProcessIoPortHandlers = 0x0D,
+ ProcessPooledUsageAndLimits = 0x0E,
+ ProcessWorkingSetWatch = 0x0F,
+ ProcessUserModeIOPL = 0x10,
+ ProcessEnableAlignmentFaultFixup = 0x11,
+ ProcessPriorityClass = 0x12,
+ ProcessWx86Information = 0x13,
+ ProcessHandleCount = 0x14,
+ ProcessAffinityMask = 0x15,
+ ProcessPriorityBoost = 0x16,
+ ProcessDeviceMap = 0x17,
+ ProcessSessionInformation = 0x18,
+ ProcessForegroundInformation = 0x19,
+ ProcessWow64Information = 0x1A,
+ ProcessImageFileName = 0x1B,
+ ProcessLUIDDeviceMapsEnabled = 0x1C,
+ ProcessBreakOnTermination = 0x1D,
+ ProcessDebugObjectHandle = 0x1E,
+ ProcessDebugFlags = 0x1F,
+ ProcessHandleTracing = 0x20,
+ ProcessIoPriority = 0x21,
+ ProcessExecuteFlags = 0x22,
+ ProcessResourceManagement = 0x23,
+ ProcessCookie = 0x24,
+ ProcessImageInformation = 0x25,
+ ProcessCycleTime = 0x26,
+ ProcessPagePriority = 0x27,
+ ProcessInstrumentationCallback = 0x28,
+ ProcessThreadStackAllocation = 0x29,
+ ProcessWorkingSetWatchEx = 0x2A,
+ ProcessImageFileNameWin32 = 0x2B,
+ ProcessImageFileMapping = 0x2C,
+ ProcessAffinityUpdateMode = 0x2D,
+ ProcessMemoryAllocationMode = 0x2E,
+ ProcessGroupInformation = 0x2F,
+ ProcessTokenVirtualizationEnabled = 0x30,
+ ProcessConsoleHostProcess = 0x31,
+ ProcessWindowInformation = 0x32,
+ ProcessHandleInformation = 0x33,
+ ProcessMitigationPolicy = 0x34,
+ ProcessDynamicFunctionTableInformation = 0x35,
+ ProcessHandleCheckingMode = 0x36,
+ ProcessKeepAliveCount = 0x37,
+ ProcessRevokeFileHandles = 0x38,
+ ProcessWorkingSetControl = 0x39,
+ ProcessHandleTable = 0x3A,
+ ProcessCheckStackExtentsMode = 0x3B,
+ ProcessCommandLineInformation = 0x3C,
+ ProcessProtectionInformation = 0x3D,
+ ProcessMemoryExhaustion = 0x3E,
+ ProcessFaultInformation = 0x3F,
+ ProcessTelemetryIdInformation = 0x40,
+ ProcessCommitReleaseInformation = 0x41,
+ ProcessDefaultCpuSetsInformation = 0x42,
+ ProcessAllowedCpuSetsInformation = 0x43,
+ ProcessSubsystemProcess = 0x44,
+ ProcessJobMemoryInformation = 0x45,
+ ProcessInPrivate = 0x46,
+ ProcessRaiseUMExceptionOnInvalidHandleClose = 0x47,
+ ProcessIumChallengeResponse = 0x48,
+ ProcessChildProcessInformation = 0x49,
+ ProcessHighGraphicsPriorityInformation = 0x4A,
+ ProcessSubsystemInformation = 0x4B,
+ ProcessEnergyValues = 0x4C,
+ ProcessActivityThrottleState = 0x4D,
+ ProcessActivityThrottlePolicy = 0x4E,
+ ProcessWin32kSyscallFilterInformation = 0x4F,
+ ProcessDisableSystemAllowedCpuSets = 0x50,
+ ProcessWakeInformation = 0x51,
+ ProcessEnergyTrackingState = 0x52,
+ ProcessManageWritesToExecutableMemory = 0x53,
+ ProcessCaptureTrustletLiveDump = 0x54,
+ ProcessTelemetryCoverage = 0x55,
+ ProcessEnclaveInformation = 0x56,
+ ProcessEnableReadWriteVmLogging = 0x57,
+ ProcessUptimeInformation = 0x58,
+ ProcessImageSection = 0x59,
+ ProcessDebugAuthInformation = 0x5A,
+ ProcessSystemResourceManagement = 0x5B,
+ ProcessSequenceNumber = 0x5C,
+ ProcessLoaderDetour = 0x5D,
+ ProcessSecurityDomainInformation = 0x5E,
+ ProcessCombineSecurityDomainsInformation = 0x5F,
+ ProcessEnableLogging = 0x60,
+ ProcessLeapSecondInformation = 0x61,
+ ProcessFiberShadowStackAllocation = 0x62,
+ ProcessFreeFiberShadowStackAllocation = 0x63,
+ MaxProcessInfoClass = 0x64
+};
+```
+
+### 特殊说明
+```NtQueryInformationProcess```函数及其未导出类型也可在```winternl.h```中找到。