OpenRCE_omega_red
March 11th, 2008, 21:10
During research for my next little project I've gathered detailed type information of few key Windows kernel structures: KPCR, KPRCB, KTHREAD, TEB, PEB. Various flavors of Windows were examined: 2000 SP4, XP SP2 (32/64bit), 2003 SP2 (32bit), Vista SP0 (32/64bit), 2008 SP0 (32/64bit). All data is from windbg on live targets, so it should be accurate.
http://omeg.pl/code/windows_kernel_structures.zip
https://www.openrce.org/blog/view/1079/Different_versions_of_Windows_kernel_structures
http://omeg.pl/code/windows_kernel_structures.zip
https://www.openrce.org/blog/view/1079/Different_versions_of_Windows_kernel_structures