BlackBone
Windows memory hacking library
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros
NativeStructs.h
Go to the documentation of this file.
1 #pragma once
2 
3 #include "PEStructs.h"
4 
5 #ifdef _WIN81_
6 #include "NativeStructs81.h"
7 #elif _WIN8_
8 #include "NativeStructs8.h"
9 #elif _WIN7_
10 #include "NativeStructs7.h"
11 #else
12 #error Unsupported OS build version
13 #endif
14 
15 
16 typedef union _PS_PROTECTION
17 {
18  UCHAR Level;
19  struct
20  {
21  int Type : 3;
22  int Audit : 1;
23  int Signer : 4;
24  } Flags;
25 } PS_PROTECTION, *PPS_PROTECTION;
26 
27 typedef union _KEXECUTE_OPTIONS
28 {
29  struct
30  {
31  int ExecuteDisable : 1;
32  int ExecuteEnable : 1;
33  int DisableThunkEmulation : 1;
34  int Permanent : 1;
35  int ExecuteDispatchEnable : 1;
36  int ImageDispatchEnable : 1;
37  int DisableExceptionChainValidation : 1;
38  int Spare : 1;
39  } Flags;
40 
41  UCHAR ExecuteOptions;
42 } KEXECUTE_OPTIONS, *PKEXECUTE_OPTIONS;
43 
44 typedef union _EXHANDLE
45 {
46  struct
47  {
48  int TagBits : 2;
49  int Index : 30;
50  } u;
51  void * GenericHandleOverlay;
52  ULONG_PTR Value;
53 } EXHANDLE, *PEXHANDLE;
54 
55 #pragma warning(disable : 4214 4201)
56 
57 
58 typedef struct _HANDLE_TABLE_ENTRY // Size=16
59 {
60  union
61  {
62  ULONG_PTR VolatileLowValue; // Size=8 Offset=0
63  ULONG_PTR LowValue; // Size=8 Offset=0
64  struct _HANDLE_TABLE_ENTRY_INFO * InfoTable; // Size=8 Offset=0
65  struct
66  {
67  ULONG_PTR Unlocked : 1; // Size=8 Offset=0 BitOffset=0 BitCount=1
68  ULONG_PTR RefCnt : 16; // Size=8 Offset=0 BitOffset=1 BitCount=16
69  ULONG_PTR Attributes : 3; // Size=8 Offset=0 BitOffset=17 BitCount=3
70  ULONG_PTR ObjectPointerBits : 44; // Size=8 Offset=0 BitOffset=20 BitCount=44
71  };
72  };
73  union
74  {
75  ULONG_PTR HighValue; // Size=8 Offset=8
76  struct _HANDLE_TABLE_ENTRY * NextFreeHandleEntry; // Size=8 Offset=8
77  union _EXHANDLE LeafHandleValue; // Size=8 Offset=8
78  struct
79  {
80  ULONG GrantedAccessBits : 25; // Size=4 Offset=8 BitOffset=0 BitCount=25
81  ULONG NoRightsUpgrade : 1; // Size=4 Offset=8 BitOffset=25 BitCount=1
82  ULONG Spare : 6; // Size=4 Offset=8 BitOffset=26 BitCount=6
83  };
84  };
85  ULONG TypeInfo; // Size=4 Offset=12
86 } HANDLE_TABLE_ENTRY, *PHANDLE_TABLE_ENTRY;
87 
88 
89 typedef struct _HANDLE_TABLE_FREE_LIST // Size=64
90 {
91  void* FreeListLock; // Size=8 Offset=0
92  struct _HANDLE_TABLE_ENTRY * FirstFreeHandleEntry; // Size=8 Offset=8
93  struct _HANDLE_TABLE_ENTRY * LastFreeHandleEntry; // Size=8 Offset=16
94  long HandleCount; // Size=4 Offset=24
95  ULONG HighWaterMark; // Size=4 Offset=28
96  ULONG Reserved[8]; // Size=32 Offset=32
97 } HANDLE_TABLE_FREE_LIST, *PHANDLE_TABLE_FREE_LIST;
98 
99 
100 typedef struct _HANDLE_TABLE // Size=128
101 {
102  ULONG NextHandleNeedingPool; // Size=4 Offset=0
103  long ExtraInfoPages; // Size=4 Offset=4
104  LONG_PTR TableCode; // Size=8 Offset=8
105  struct _EPROCESS * QuotaProcess; // Size=8 Offset=16
106  struct _LIST_ENTRY HandleTableList; // Size=16 Offset=24
107  ULONG UniqueProcessId; // Size=4 Offset=40
108  union
109  {
110  ULONG Flags; // Size=4 Offset=44
111  struct
112  {
113  UCHAR StrictFIFO : 1; // Size=1 Offset=44 BitOffset=0 BitCount=1
114  UCHAR EnableHandleExceptions : 1; // Size=1 Offset=44 BitOffset=1 BitCount=1
115  UCHAR Rundown : 1; // Size=1 Offset=44 BitOffset=2 BitCount=1
116  UCHAR Duplicated : 1; // Size=1 Offset=44 BitOffset=3 BitCount=1
117  } u1;
118  } u2;
119  void* HandleContentionEvent; // Size=8 Offset=48
120  void* HandleTableLock; // Size=8 Offset=56
121  union
122  {
123  struct _HANDLE_TABLE_FREE_LIST FreeLists[1]; // Size=64 Offset=64
124  struct
125  {
126  UCHAR ActualEntry[32]; // Size=32 Offset=64
127  struct _HANDLE_TRACE_DEBUG_INFO * DebugInfo; // Size=8 Offset=96
128  } u3;
129  } u4;
130 } HANDLE_TABLE, *PHANDLE_TABLE;
131 
132 
133 typedef struct _OBJECT_HEADER // Size=56
134 {
135  ULONG_PTR PointerCount; // Size=8 Offset=0
136  union
137  {
138  ULONG_PTR HandleCount; // Size=8 Offset=8
139  void * NextToFree; // Size=8 Offset=8
140  };
141  void* Lock; // Size=8 Offset=16
142  UCHAR TypeIndex; // Size=1 Offset=24
143  union
144  {
145  UCHAR TraceFlags; // Size=1 Offset=25
146  struct
147  {
148  UCHAR DbgRefTrace : 1; // Size=1 Offset=25 BitOffset=0 BitCount=1
149  UCHAR DbgTracePermanent : 1; // Size=1 Offset=25 BitOffset=1 BitCount=1
150  };
151  };
152  UCHAR InfoMask; // Size=1 Offset=26
153  union
154  {
155  UCHAR Flags; // Size=1 Offset=27
156  struct
157  {
158  UCHAR NewObject : 1; // Size=1 Offset=27 BitOffset=0 BitCount=1
159  UCHAR KernelObject : 1; // Size=1 Offset=27 BitOffset=1 BitCount=1
160  UCHAR KernelOnlyAccess : 1; // Size=1 Offset=27 BitOffset=2 BitCount=1
161  UCHAR ExclusiveObject : 1; // Size=1 Offset=27 BitOffset=3 BitCount=1
162  UCHAR PermanentObject : 1; // Size=1 Offset=27 BitOffset=4 BitCount=1
163  UCHAR DefaultSecurityQuota : 1; // Size=1 Offset=27 BitOffset=5 BitCount=1
164  UCHAR SingleHandleEntry : 1; // Size=1 Offset=27 BitOffset=6 BitCount=1
165  UCHAR DeletedInline : 1; // Size=1 Offset=27 BitOffset=7 BitCount=1
166  };
167  };
168  ULONG Spare; // Size=4 Offset=28
169  union
170  {
171  struct _OBJECT_CREATE_INFORMATION * ObjectCreateInfo; // Size=8 Offset=32
172  void * QuotaBlockCharged; // Size=8 Offset=32
173  };
174  void * SecurityDescriptor; // Size=8 Offset=40
175  struct _QUAD Body; // Size=8 Offset=48
176 } OBJECT_HEADER, *POBJECT_HEADER;
177 
178 typedef struct _MEMORY_BASIC_INFORMATION
179 {
180  PVOID BaseAddress;
181  PVOID AllocationBase;
182  ULONG AllocationProtect;
183  SIZE_T RegionSize;
184  ULONG State;
185  ULONG Protect;
186  ULONG Type;
187 } MEMORY_BASIC_INFORMATION, *PMEMORY_BASIC_INFORMATION;
188 
189 typedef struct _SYSTEM_CALL_COUNT_INFORMATION
190 {
191  ULONG Length;
192  ULONG NumberOfTables;
193  ULONG limits[2];
194  } SYSTEM_CALL_COUNT_INFORMATION, *PSYSTEM_CALL_COUNT_INFORMATION;
195 
196 typedef struct _SYSTEM_THREAD_INFORMATION
197 {
198  LARGE_INTEGER KernelTime;
199  LARGE_INTEGER UserTime;
200  LARGE_INTEGER CreateTime;
201  ULONG WaitTime;
202  PVOID StartAddress;
203  CLIENT_ID ClientId;
204  KPRIORITY Priority;
205  LONG BasePriority;
206  ULONG ContextSwitches;
207  ULONG ThreadState;
208  KWAIT_REASON WaitReason;
209 }SYSTEM_THREAD_INFORMATION, *PSYSTEM_THREAD_INFORMATION;
210 
211 typedef struct _THREAD_BASIC_INFORMATION
212 {
213  NTSTATUS ExitStatus;
214  PVOID TebBaseAddress;
215  CLIENT_ID ClientId;
216  ULONG_PTR AffinityMask;
217  LONG Priority;
218  LONG BasePriority;
219 } THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;
220 
221 typedef struct _SYSTEM_PROCESS_INFO
222 {
223  ULONG NextEntryOffset;
224  ULONG NumberOfThreads;
225  LARGE_INTEGER WorkingSetPrivateSize;
226  ULONG HardFaultCount;
227  ULONG NumberOfThreadsHighWatermark;
228  ULONGLONG CycleTime;
229  LARGE_INTEGER CreateTime;
230  LARGE_INTEGER UserTime;
231  LARGE_INTEGER KernelTime;
232  UNICODE_STRING ImageName;
233  KPRIORITY BasePriority;
234  HANDLE UniqueProcessId;
235  HANDLE InheritedFromUniqueProcessId;
236  ULONG HandleCount;
237  ULONG SessionId;
238  ULONG_PTR UniqueProcessKey;
239  SIZE_T PeakVirtualSize;
240  SIZE_T VirtualSize;
241  ULONG PageFaultCount;
242  SIZE_T PeakWorkingSetSize;
243  SIZE_T WorkingSetSize;
244  SIZE_T QuotaPeakPagedPoolUsage;
245  SIZE_T QuotaPagedPoolUsage;
246  SIZE_T QuotaPeakNonPagedPoolUsage;
247  SIZE_T QuotaNonPagedPoolUsage;
248  SIZE_T PagefileUsage;
249  SIZE_T PeakPagefileUsage;
250  SIZE_T PrivatePageCount;
251  LARGE_INTEGER ReadOperationCount;
252  LARGE_INTEGER WriteOperationCount;
253  LARGE_INTEGER OtherOperationCount;
254  LARGE_INTEGER ReadTransferCount;
255  LARGE_INTEGER WriteTransferCount;
256  LARGE_INTEGER OtherTransferCount;
257  SYSTEM_THREAD_INFORMATION Threads[1];
258 }SYSTEM_PROCESS_INFO, *PSYSTEM_PROCESS_INFO;
259 
260 #pragma warning(disable : 4214)
261 typedef struct _MMPTE_HARDWARE64
262 {
263  ULONGLONG Valid : 1;
264  ULONGLONG Dirty1 : 1;
265  ULONGLONG Owner : 1;
266  ULONGLONG WriteThrough : 1;
267  ULONGLONG CacheDisable : 1;
268  ULONGLONG Accessed : 1;
269  ULONGLONG Dirty : 1;
270  ULONGLONG LargePage : 1;
271  ULONGLONG Global : 1;
272  ULONGLONG CopyOnWrite : 1;
273  ULONGLONG Unused : 1;
274  ULONGLONG Write : 1;
275  ULONGLONG PageFrameNumber : 36;
276  ULONGLONG reserved1 : 4;
277  ULONGLONG SoftwareWsIndex : 11;
278  ULONGLONG NoExecute : 1;
279 } MMPTE_HARDWARE64, *PMMPTE_HARDWARE64;
280 
281 typedef struct _MMPTE
282 {
283  union
284  {
285  ULONG_PTR Long;
286  MMPTE_HARDWARE64 Hard;
287  } u;
288 } MMPTE;
289 typedef MMPTE *PMMPTE;
290 
291 #pragma warning(default : 4214)
292 
293 typedef struct _NT_PROC_THREAD_ATTRIBUTE_ENTRY
294 {
295  ULONG Attribute; // PROC_THREAD_ATTRIBUTE_XXX
296  SIZE_T Size;
297  ULONG_PTR Value;
298  ULONG Unknown;
299 } NT_PROC_THREAD_ATTRIBUTE_ENTRY, *NT_PPROC_THREAD_ATTRIBUTE_ENTRY;
300 
301 typedef struct _NT_PROC_THREAD_ATTRIBUTE_LIST
302 {
303  ULONG Length;
304  NT_PROC_THREAD_ATTRIBUTE_ENTRY Entry[1];
305 } NT_PROC_THREAD_ATTRIBUTE_LIST, *PNT_PROC_THREAD_ATTRIBUTE_LIST;
306 
307 
308 typedef struct _RTL_PROCESS_MODULE_INFORMATION
309 {
310  HANDLE Section; // Not filled in
311  PVOID MappedBase;
312  PVOID ImageBase;
313  ULONG ImageSize;
314  ULONG Flags;
315  USHORT LoadOrderIndex;
316  USHORT InitOrderIndex;
317  USHORT LoadCount;
318  USHORT OffsetToFileName;
319  UCHAR FullPathName[256];
320 } RTL_PROCESS_MODULE_INFORMATION, *PRTL_PROCESS_MODULE_INFORMATION;
321 
322 typedef struct _RTL_PROCESS_MODULES
323 {
324  ULONG NumberOfModules;
325  RTL_PROCESS_MODULE_INFORMATION Modules[1];
326 } RTL_PROCESS_MODULES, *PRTL_PROCESS_MODULES;
327 
328 #pragma warning(disable : 4214)
329 typedef union _MEMORY_WORKING_SET_EX_BLOCK
330 {
331  ULONG_PTR Flags;
332  struct
333  {
334  ULONG_PTR Valid : 1;
335  ULONG_PTR ShareCount : 3;
336  ULONG_PTR Win32Protection : 11;
337  ULONG_PTR Shared : 1;
338  ULONG_PTR Node : 6;
339  ULONG_PTR Locked : 1;
340  ULONG_PTR LargePage : 1;
341  ULONG_PTR Reserved : 7;
342  ULONG_PTR Bad : 1;
343 
344 #if defined(_WIN64)
345  ULONG_PTR ReservedUlong : 32;
346 #endif
347  };
348 } MEMORY_WORKING_SET_EX_BLOCK, *PMEMORY_WORKING_SET_EX_BLOCK;
349 
350 typedef struct _MEMORY_WORKING_SET_EX_INFORMATION
351 {
352  PVOID VirtualAddress;
353  MEMORY_WORKING_SET_EX_BLOCK VirtualAttributes;
354 } MEMORY_WORKING_SET_EX_INFORMATION, *PMEMORY_WORKING_SET_EX_INFORMATION;
355 
356 #pragma warning(default : 4214)
357 
358 
359 typedef struct _PEB_LDR_DATA
360 {
361  ULONG Length;
362  UCHAR Initialized;
363  PVOID SsHandle;
364  LIST_ENTRY InLoadOrderModuleList;
365  LIST_ENTRY InMemoryOrderModuleList;
366  LIST_ENTRY InInitializationOrderModuleList;
367 } PEB_LDR_DATA, *PPEB_LDR_DATA;
368 
369 typedef struct _LDR_DATA_TABLE_ENTRY
370 {
371  LIST_ENTRY InLoadOrderLinks;
372  LIST_ENTRY InMemoryOrderLinks;
373  LIST_ENTRY InInitializationOrderLinks;
374  PVOID DllBase;
375  PVOID EntryPoint;
376  ULONG SizeOfImage;
377  UNICODE_STRING FullDllName;
378  UNICODE_STRING BaseDllName;
379  ULONG Flags;
380  USHORT LoadCount;
381  USHORT TlsIndex;
382  LIST_ENTRY HashLinks;
383  ULONG TimeDateStamp;
384 } LDR_DATA_TABLE_ENTRY, *PLDR_DATA_TABLE_ENTRY;
385 
386 
387 typedef struct _PEB
388 {
389  UCHAR Reserved1[2];
390  UCHAR BeingDebugged;
391  UCHAR Reserved2[1];
392  PVOID Reserved3[2];
393  PPEB_LDR_DATA Ldr;
394  PVOID ProcessParameters;
395 } PEB, *PPEB;
396 
397 typedef struct _PEB_LDR_DATA32
398 {
399  ULONG Length;
400  UCHAR Initialized;
401  ULONG SsHandle;
402  LIST_ENTRY32 InLoadOrderModuleList;
403  LIST_ENTRY32 InMemoryOrderModuleList;
404  LIST_ENTRY32 InInitializationOrderModuleList;
405 } PEB_LDR_DATA32, *PPEB_LDR_DATA32;
406 
407 typedef struct _LDR_DATA_TABLE_ENTRY32
408 {
409  LIST_ENTRY32 InLoadOrderLinks;
410  LIST_ENTRY32 InMemoryOrderLinks;
411  LIST_ENTRY32 InInitializationOrderLinks;
412  ULONG DllBase;
413  ULONG EntryPoint;
414  ULONG SizeOfImage;
415  UNICODE_STRING32 FullDllName;
416  UNICODE_STRING32 BaseDllName;
417  ULONG Flags;
418  USHORT LoadCount;
419  USHORT TlsIndex;
420  LIST_ENTRY32 HashLinks;
421  ULONG TimeDateStamp;
422 } LDR_DATA_TABLE_ENTRY32, *PLDR_DATA_TABLE_ENTRY32;
423 
424 typedef struct _PEB32
425 {
426  UCHAR Reserved1[2];
427  UCHAR BeingDebugged;
428  UCHAR Reserved2[1];
429  ULONG Mutant;
430  ULONG ImageBaseAddress;
431  ULONG Ldr;
432  ULONG ProcessParameters;
433 } PEB32, *PPEB32;
434 
435 typedef union _WOW64_APC_CONTEXT
436 {
437  struct
438  {
439  ULONG Apc32BitContext;
440  ULONG Apc32BitRoutine;
441  };
442 
443  PVOID Apc64BitContext;
444 
445 } WOW64_APC_CONTEXT, *PWOW64_APC_CONTEXT;
446 
447 
448 typedef struct _NON_PAGED_DEBUG_INFO
449 {
450  USHORT Signature;
451  USHORT Flags;
452  ULONG Size;
453  USHORT Machine;
454  USHORT Characteristics;
455  ULONG TimeDateStamp;
456  ULONG CheckSum;
457  ULONG SizeOfImage;
458  ULONGLONG ImageBase;
459 } NON_PAGED_DEBUG_INFO, *PNON_PAGED_DEBUG_INFO;
460 
461 typedef struct _KLDR_DATA_TABLE_ENTRY
462 {
463  LIST_ENTRY InLoadOrderLinks;
464  PVOID ExceptionTable;
465  ULONG ExceptionTableSize;
466  // ULONG padding on IA64
467  PVOID GpValue;
468  PNON_PAGED_DEBUG_INFO NonPagedDebugInfo;
469  PVOID DllBase;
470  PVOID EntryPoint;
471  ULONG SizeOfImage;
472  UNICODE_STRING FullDllName;
473  UNICODE_STRING BaseDllName;
474  ULONG Flags;
475  USHORT LoadCount;
476  USHORT __Unused5;
477  PVOID SectionPointer;
478  ULONG CheckSum;
479  // ULONG padding on IA64
480  PVOID LoadedImports;
481  PVOID PatchInformation;
482 } KLDR_DATA_TABLE_ENTRY, *PKLDR_DATA_TABLE_ENTRY;
_MMPTE_HARDWARE64::reserved1
ULONGLONG reserved1
Definition: NativeStructs.h:276
PHANDLE_TABLE_FREE_LIST
struct _HANDLE_TABLE_FREE_LIST * PHANDLE_TABLE_FREE_LIST
_KEXECUTE_OPTIONS::Spare
int Spare
Definition: NativeStructs.h:38
_MMPTE_HARDWARE64
Definition: NativeStructs.h:261
PHANDLE_TABLE
struct _HANDLE_TABLE * PHANDLE_TABLE
_HANDLE_TABLE::u2
union _HANDLE_TABLE::@11 u2
_HANDLE_TABLE_ENTRY::InfoTable
struct _HANDLE_TABLE_ENTRY_INFO * InfoTable
Definition: NativeStructs.h:64
_OBJECT_HEADER::Spare
ULONG Spare
Definition: NativeStructs.h:168
PPEB_LDR_DATA
struct _PEB_LDR_DATA * PPEB_LDR_DATA
PMEMORY_WORKING_SET_EX_BLOCK
union _MEMORY_WORKING_SET_EX_BLOCK * PMEMORY_WORKING_SET_EX_BLOCK
_LDR_DATA_TABLE_ENTRY::InMemoryOrderLinks
LIST_ENTRY InMemoryOrderLinks
Definition: NativeStructs.h:372
_PEB_LDR_DATA32::InInitializationOrderModuleList
LIST_ENTRY32 InInitializationOrderModuleList
Definition: NativeStructs.h:404
_SYSTEM_THREAD_INFORMATION::CreateTime
LARGE_INTEGER CreateTime
Definition: NativeStructs.h:200
HANDLE_TABLE
struct _HANDLE_TABLE HANDLE_TABLE
_HANDLE_TABLE::TableCode
LONG_PTR TableCode
Definition: NativeStructs.h:104
_KLDR_DATA_TABLE_ENTRY::LoadedImports
PVOID LoadedImports
Definition: NativeStructs.h:480
_EXHANDLE
Definition: NativeStructs.h:44
_OBJECT_HEADER::PermanentObject
UCHAR PermanentObject
Definition: NativeStructs.h:162
_PEB_LDR_DATA::InLoadOrderModuleList
LIST_ENTRY InLoadOrderModuleList
Definition: NativeStructs.h:364
PEB32
struct _PEB32 PEB32
PNT_PROC_THREAD_ATTRIBUTE_LIST
struct _NT_PROC_THREAD_ATTRIBUTE_LIST * PNT_PROC_THREAD_ATTRIBUTE_LIST
_PS_PROTECTION::Type
int Type
Definition: NativeStructs.h:21
_HANDLE_TABLE_ENTRY::HighValue
ULONG_PTR HighValue
Definition: NativeStructs.h:75
_MMPTE_HARDWARE64::Dirty1
ULONGLONG Dirty1
Definition: NativeStructs.h:264
_MEMORY_WORKING_SET_EX_INFORMATION
Definition: NativeStructs.h:350
_RTL_PROCESS_MODULE_INFORMATION::LoadCount
USHORT LoadCount
Definition: NativeStructs.h:317
_OBJECT_HEADER::TypeIndex
UCHAR TypeIndex
Definition: NativeStructs.h:142
_KLDR_DATA_TABLE_ENTRY::EntryPoint
PVOID EntryPoint
Definition: NativeStructs.h:470
_RTL_PROCESS_MODULES::NumberOfModules
ULONG NumberOfModules
Definition: NativeStructs.h:324
_HANDLE_TABLE::FreeLists
struct _HANDLE_TABLE_FREE_LIST FreeLists[1]
Definition: NativeStructs.h:123
PMMPTE
MMPTE * PMMPTE
Definition: NativeStructs.h:289
_OBJECT_HEADER::SecurityDescriptor
void * SecurityDescriptor
Definition: NativeStructs.h:174
_PEB::Ldr
PPEB_LDR_DATA Ldr
Definition: NativeStructs.h:393
KLDR_DATA_TABLE_ENTRY
struct _KLDR_DATA_TABLE_ENTRY KLDR_DATA_TABLE_ENTRY
EXHANDLE
union _EXHANDLE EXHANDLE
NativeStructs8.h
_MMPTE_HARDWARE64::CopyOnWrite
ULONGLONG CopyOnWrite
Definition: NativeStructs.h:272
_PEB32
Definition: NativeStructs.h:424
PKLDR_DATA_TABLE_ENTRY
struct _KLDR_DATA_TABLE_ENTRY * PKLDR_DATA_TABLE_ENTRY
_EXHANDLE::GenericHandleOverlay
void * GenericHandleOverlay
Definition: NativeStructs.h:51
_SYSTEM_THREAD_INFORMATION::ThreadState
ULONG ThreadState
Definition: NativeStructs.h:207
_EXHANDLE::Value
ULONG_PTR Value
Definition: NativeStructs.h:52
PPEB32
struct _PEB32 * PPEB32
PNON_PAGED_DEBUG_INFO
struct _NON_PAGED_DEBUG_INFO * PNON_PAGED_DEBUG_INFO
_SYSTEM_PROCESS_INFO::UniqueProcessId
HANDLE UniqueProcessId
Definition: NativeStructs.h:234
_MEMORY_WORKING_SET_EX_BLOCK::Reserved
ULONG_PTR Reserved
Definition: NativeStructs.h:341
_HANDLE_TABLE_FREE_LIST::LastFreeHandleEntry
struct _HANDLE_TABLE_ENTRY * LastFreeHandleEntry
Definition: NativeStructs.h:93
_RTL_PROCESS_MODULES
Definition: NativeStructs.h:322
_MEMORY_WORKING_SET_EX_INFORMATION::VirtualAttributes
MEMORY_WORKING_SET_EX_BLOCK VirtualAttributes
Definition: NativeStructs.h:353
_PEB_LDR_DATA::InInitializationOrderModuleList
LIST_ENTRY InInitializationOrderModuleList
Definition: NativeStructs.h:366
PEStructs.h
_SYSTEM_PROCESS_INFO::PagefileUsage
SIZE_T PagefileUsage
Definition: NativeStructs.h:248
_SYSTEM_PROCESS_INFO::InheritedFromUniqueProcessId
HANDLE InheritedFromUniqueProcessId
Definition: NativeStructs.h:235
_PEB_LDR_DATA32::InLoadOrderModuleList
LIST_ENTRY32 InLoadOrderModuleList
Definition: NativeStructs.h:402
_KEXECUTE_OPTIONS::Flags
struct _KEXECUTE_OPTIONS::@1 Flags
_HANDLE_TABLE_ENTRY
Definition: NativeStructs.h:58
_EXHANDLE::Index
int Index
Definition: NativeStructs.h:49
HANDLE_TABLE_FREE_LIST
struct _HANDLE_TABLE_FREE_LIST HANDLE_TABLE_FREE_LIST
_HANDLE_TABLE::HandleContentionEvent
void * HandleContentionEvent
Definition: NativeStructs.h:119
NativeStructs7.h
_PEB32::Ldr
ULONG Ldr
Definition: NativeStructs.h:431
_PEB_LDR_DATA::Length
ULONG Length
Definition: NativeStructs.h:361
_RTL_PROCESS_MODULE_INFORMATION::OffsetToFileName
USHORT OffsetToFileName
Definition: NativeStructs.h:318
_NON_PAGED_DEBUG_INFO::Flags
USHORT Flags
Definition: NativeStructs.h:451
_SYSTEM_THREAD_INFORMATION::ClientId
CLIENT_ID ClientId
Definition: NativeStructs.h:203
_MMPTE_HARDWARE64::SoftwareWsIndex
ULONGLONG SoftwareWsIndex
Definition: NativeStructs.h:277
_HANDLE_TABLE::HandleTableList
struct _LIST_ENTRY HandleTableList
Definition: NativeStructs.h:106
_KLDR_DATA_TABLE_ENTRY::DllBase
PVOID DllBase
Definition: NativeStructs.h:469
_THREAD_BASIC_INFORMATION::AffinityMask
ULONG_PTR AffinityMask
Definition: NativeStructs.h:216
PMMPTE_HARDWARE64
struct _MMPTE_HARDWARE64 * PMMPTE_HARDWARE64
_HANDLE_TABLE_ENTRY::TypeInfo
ULONG TypeInfo
Definition: NativeStructs.h:85
_LDR_DATA_TABLE_ENTRY32::HashLinks
LIST_ENTRY32 HashLinks
Definition: NativeStructs.h:420
_NON_PAGED_DEBUG_INFO::Machine
USHORT Machine
Definition: NativeStructs.h:453
_OBJECT_HEADER::DbgTracePermanent
UCHAR DbgTracePermanent
Definition: NativeStructs.h:149
_KLDR_DATA_TABLE_ENTRY::SectionPointer
PVOID SectionPointer
Definition: NativeStructs.h:477
_SYSTEM_PROCESS_INFO::PeakWorkingSetSize
SIZE_T PeakWorkingSetSize
Definition: NativeStructs.h:242
_MMPTE_HARDWARE64::Valid
ULONGLONG Valid
Definition: NativeStructs.h:263
_EXHANDLE::TagBits
int TagBits
Definition: NativeStructs.h:48
_PEB::BeingDebugged
UCHAR BeingDebugged
Definition: NativeStructs.h:390
LDR_DATA_TABLE_ENTRY32
struct _LDR_DATA_TABLE_ENTRY32 LDR_DATA_TABLE_ENTRY32
_OBJECT_HEADER::InfoMask
UCHAR InfoMask
Definition: NativeStructs.h:152
_HANDLE_TABLE_ENTRY::NextFreeHandleEntry
struct _HANDLE_TABLE_ENTRY * NextFreeHandleEntry
Definition: NativeStructs.h:76
_NON_PAGED_DEBUG_INFO
Definition: NativeStructs.h:448
_SYSTEM_CALL_COUNT_INFORMATION::limits
ULONG limits[2]
Definition: NativeStructs.h:193
_NT_PROC_THREAD_ATTRIBUTE_LIST
Definition: NativeStructs.h:301
_KEXECUTE_OPTIONS::DisableThunkEmulation
int DisableThunkEmulation
Definition: NativeStructs.h:33
_SYSTEM_THREAD_INFORMATION::BasePriority
LONG BasePriority
Definition: NativeStructs.h:205
PS_PROTECTION
union _PS_PROTECTION PS_PROTECTION
_LDR_DATA_TABLE_ENTRY32::InInitializationOrderLinks
LIST_ENTRY32 InInitializationOrderLinks
Definition: NativeStructs.h:411
_PEB_LDR_DATA::Initialized
UCHAR Initialized
Definition: NativeStructs.h:362
RTL_PROCESS_MODULE_INFORMATION
struct _RTL_PROCESS_MODULE_INFORMATION RTL_PROCESS_MODULE_INFORMATION
_HANDLE_TABLE_FREE_LIST::FreeListLock
void * FreeListLock
Definition: NativeStructs.h:91
_SYSTEM_PROCESS_INFO::PeakVirtualSize
SIZE_T PeakVirtualSize
Definition: NativeStructs.h:239
MEMORY_WORKING_SET_EX_BLOCK
union _MEMORY_WORKING_SET_EX_BLOCK MEMORY_WORKING_SET_EX_BLOCK
_RTL_PROCESS_MODULE_INFORMATION::Section
HANDLE Section
Definition: NativeStructs.h:310
_SYSTEM_PROCESS_INFO::WriteOperationCount
LARGE_INTEGER WriteOperationCount
Definition: NativeStructs.h:252
_HANDLE_TABLE
Definition: NativeStructs.h:100
_KLDR_DATA_TABLE_ENTRY::CheckSum
ULONG CheckSum
Definition: NativeStructs.h:478
_LDR_DATA_TABLE_ENTRY32::FullDllName
UNICODE_STRING32 FullDllName
Definition: NativeStructs.h:415
_KLDR_DATA_TABLE_ENTRY::GpValue
PVOID GpValue
Definition: NativeStructs.h:467
_PEB_LDR_DATA::InMemoryOrderModuleList
LIST_ENTRY InMemoryOrderModuleList
Definition: NativeStructs.h:365
_NT_PROC_THREAD_ATTRIBUTE_ENTRY::Value
ULONG_PTR Value
Definition: NativeStructs.h:297
_MEMORY_BASIC_INFORMATION::Protect
ULONG Protect
Definition: NativeStructs.h:185
_SYSTEM_PROCESS_INFO::HandleCount
ULONG HandleCount
Definition: NativeStructs.h:236
PSYSTEM_CALL_COUNT_INFORMATION
struct _SYSTEM_CALL_COUNT_INFORMATION * PSYSTEM_CALL_COUNT_INFORMATION
SYSTEM_CALL_COUNT_INFORMATION
struct _SYSTEM_CALL_COUNT_INFORMATION SYSTEM_CALL_COUNT_INFORMATION
_SYSTEM_PROCESS_INFO::UniqueProcessKey
ULONG_PTR UniqueProcessKey
Definition: NativeStructs.h:238
_RTL_PROCESS_MODULE_INFORMATION::LoadOrderIndex
USHORT LoadOrderIndex
Definition: NativeStructs.h:315
_MMPTE_HARDWARE64::LargePage
ULONGLONG LargePage
Definition: NativeStructs.h:270
NTSTATUS
typedef NTSTATUS(NTAPI *fnNtCreateThreadEx)(OUT PHANDLE hThread
_HANDLE_TABLE::NextHandleNeedingPool
ULONG NextHandleNeedingPool
Definition: NativeStructs.h:102
_HANDLE_TABLE_FREE_LIST::HighWaterMark
ULONG HighWaterMark
Definition: NativeStructs.h:95
_MMPTE_HARDWARE64::Global
ULONGLONG Global
Definition: NativeStructs.h:271
LDR_DATA_TABLE_ENTRY
struct _LDR_DATA_TABLE_ENTRY LDR_DATA_TABLE_ENTRY
_THREAD_BASIC_INFORMATION::ClientId
CLIENT_ID ClientId
Definition: NativeStructs.h:215
_SYSTEM_PROCESS_INFO
Definition: NativeStructs.h:221
_LDR_DATA_TABLE_ENTRY32::BaseDllName
UNICODE_STRING32 BaseDllName
Definition: NativeStructs.h:416
PRTL_PROCESS_MODULES
struct _RTL_PROCESS_MODULES * PRTL_PROCESS_MODULES
_HANDLE_TABLE::Duplicated
UCHAR Duplicated
Definition: NativeStructs.h:116
_OBJECT_HEADER::QuotaBlockCharged
void * QuotaBlockCharged
Definition: NativeStructs.h:172
NON_PAGED_DEBUG_INFO
struct _NON_PAGED_DEBUG_INFO NON_PAGED_DEBUG_INFO
_OBJECT_HEADER::KernelObject
UCHAR KernelObject
Definition: NativeStructs.h:159
PEXHANDLE
union _EXHANDLE * PEXHANDLE
_HANDLE_TABLE::Flags
ULONG Flags
Definition: NativeStructs.h:110
_LDR_DATA_TABLE_ENTRY::TimeDateStamp
ULONG TimeDateStamp
Definition: NativeStructs.h:383
_THREAD_BASIC_INFORMATION::BasePriority
LONG BasePriority
Definition: NativeStructs.h:218
_OBJECT_HEADER::ExclusiveObject
UCHAR ExclusiveObject
Definition: NativeStructs.h:161
_PEB32::Mutant
ULONG Mutant
Definition: NativeStructs.h:429
MEMORY_BASIC_INFORMATION
struct _MEMORY_BASIC_INFORMATION MEMORY_BASIC_INFORMATION
_LDR_DATA_TABLE_ENTRY32::SizeOfImage
ULONG SizeOfImage
Definition: NativeStructs.h:414
_HANDLE_TABLE_ENTRY::RefCnt
ULONG_PTR RefCnt
Definition: NativeStructs.h:68
_PS_PROTECTION::Audit
int Audit
Definition: NativeStructs.h:22
PSYSTEM_THREAD_INFORMATION
struct _SYSTEM_THREAD_INFORMATION * PSYSTEM_THREAD_INFORMATION
NT_PROC_THREAD_ATTRIBUTE_ENTRY
struct _NT_PROC_THREAD_ATTRIBUTE_ENTRY NT_PROC_THREAD_ATTRIBUTE_ENTRY
PWOW64_APC_CONTEXT
union _WOW64_APC_CONTEXT * PWOW64_APC_CONTEXT
_MEMORY_BASIC_INFORMATION::Type
ULONG Type
Definition: NativeStructs.h:186
_KEXECUTE_OPTIONS::ExecuteOptions
UCHAR ExecuteOptions
Definition: NativeStructs.h:41
_HANDLE_TABLE::ActualEntry
UCHAR ActualEntry[32]
Definition: NativeStructs.h:126
_PS_PROTECTION::Flags
struct _PS_PROTECTION::@0 Flags
_MMPTE_HARDWARE64::WriteThrough
ULONGLONG WriteThrough
Definition: NativeStructs.h:266
WOW64_APC_CONTEXT
union _WOW64_APC_CONTEXT WOW64_APC_CONTEXT
_MEMORY_WORKING_SET_EX_INFORMATION::VirtualAddress
PVOID VirtualAddress
Definition: NativeStructs.h:352
_MMPTE::u
union _MMPTE::@27 u
_MEMORY_BASIC_INFORMATION
Definition: NativeStructs.h:178
_KLDR_DATA_TABLE_ENTRY::__Unused5
USHORT __Unused5
Definition: NativeStructs.h:476
_MEMORY_WORKING_SET_EX_BLOCK::Flags
ULONG_PTR Flags
Definition: NativeStructs.h:331
_MEMORY_BASIC_INFORMATION::RegionSize
SIZE_T RegionSize
Definition: NativeStructs.h:183
_MEMORY_WORKING_SET_EX_BLOCK
Definition: NativeStructs.h:329
_NON_PAGED_DEBUG_INFO::ImageBase
ULONGLONG ImageBase
Definition: NativeStructs.h:458
_NON_PAGED_DEBUG_INFO::Signature
USHORT Signature
Definition: NativeStructs.h:450
_RTL_PROCESS_MODULES::Modules
RTL_PROCESS_MODULE_INFORMATION Modules[1]
Definition: NativeStructs.h:325
_OBJECT_HEADER::TraceFlags
UCHAR TraceFlags
Definition: NativeStructs.h:145
_KLDR_DATA_TABLE_ENTRY::BaseDllName
UNICODE_STRING BaseDllName
Definition: NativeStructs.h:473
_SYSTEM_PROCESS_INFO::UserTime
LARGE_INTEGER UserTime
Definition: NativeStructs.h:230
_MEMORY_BASIC_INFORMATION::AllocationBase
PVOID AllocationBase
Definition: NativeStructs.h:181
_PEB_LDR_DATA32
Definition: NativeStructs.h:397
_MEMORY_WORKING_SET_EX_BLOCK::Bad
ULONG_PTR Bad
Definition: NativeStructs.h:342
_RTL_PROCESS_MODULE_INFORMATION::InitOrderIndex
USHORT InitOrderIndex
Definition: NativeStructs.h:316
_SYSTEM_PROCESS_INFO::QuotaPeakPagedPoolUsage
SIZE_T QuotaPeakPagedPoolUsage
Definition: NativeStructs.h:244
_HANDLE_TABLE_ENTRY::Unlocked
ULONG_PTR Unlocked
Definition: NativeStructs.h:67
_NON_PAGED_DEBUG_INFO::CheckSum
ULONG CheckSum
Definition: NativeStructs.h:456
_SYSTEM_PROCESS_INFO::KernelTime
LARGE_INTEGER KernelTime
Definition: NativeStructs.h:231
_KEXECUTE_OPTIONS::ExecuteDispatchEnable
int ExecuteDispatchEnable
Definition: NativeStructs.h:35
PHANDLE_TABLE_ENTRY
struct _HANDLE_TABLE_ENTRY * PHANDLE_TABLE_ENTRY
NT_PPROC_THREAD_ATTRIBUTE_ENTRY
struct _NT_PROC_THREAD_ATTRIBUTE_ENTRY * NT_PPROC_THREAD_ATTRIBUTE_ENTRY
_HANDLE_TABLE::UniqueProcessId
ULONG UniqueProcessId
Definition: NativeStructs.h:107
_HANDLE_TABLE_FREE_LIST::FirstFreeHandleEntry
struct _HANDLE_TABLE_ENTRY * FirstFreeHandleEntry
Definition: NativeStructs.h:92
RTL_PROCESS_MODULES
struct _RTL_PROCESS_MODULES RTL_PROCESS_MODULES
_NT_PROC_THREAD_ATTRIBUTE_ENTRY::Attribute
ULONG Attribute
Definition: NativeStructs.h:295
_KLDR_DATA_TABLE_ENTRY::ExceptionTable
PVOID ExceptionTable
Definition: NativeStructs.h:464
_MMPTE_HARDWARE64::Write
ULONGLONG Write
Definition: NativeStructs.h:274
_OBJECT_HEADER::DeletedInline
UCHAR DeletedInline
Definition: NativeStructs.h:165
_PEB32::BeingDebugged
UCHAR BeingDebugged
Definition: NativeStructs.h:427
_KLDR_DATA_TABLE_ENTRY::ExceptionTableSize
ULONG ExceptionTableSize
Definition: NativeStructs.h:465
_SYSTEM_CALL_COUNT_INFORMATION
Definition: NativeStructs.h:189
_KEXECUTE_OPTIONS
Definition: NativeStructs.h:27
_PEB_LDR_DATA32::InMemoryOrderModuleList
LIST_ENTRY32 InMemoryOrderModuleList
Definition: NativeStructs.h:403
_LDR_DATA_TABLE_ENTRY::HashLinks
LIST_ENTRY HashLinks
Definition: NativeStructs.h:382
_SYSTEM_CALL_COUNT_INFORMATION::Length
ULONG Length
Definition: NativeStructs.h:191
_LDR_DATA_TABLE_ENTRY32::LoadCount
USHORT LoadCount
Definition: NativeStructs.h:418
_HANDLE_TABLE::u4
union _HANDLE_TABLE::@12 u4
_HANDLE_TABLE_ENTRY::LeafHandleValue
union _EXHANDLE LeafHandleValue
Definition: NativeStructs.h:77
_RTL_PROCESS_MODULE_INFORMATION::ImageSize
ULONG ImageSize
Definition: NativeStructs.h:313
_NON_PAGED_DEBUG_INFO::Characteristics
USHORT Characteristics
Definition: NativeStructs.h:454
_SYSTEM_PROCESS_INFO::SessionId
ULONG SessionId
Definition: NativeStructs.h:237
_LDR_DATA_TABLE_ENTRY::LoadCount
USHORT LoadCount
Definition: NativeStructs.h:380
_OBJECT_HEADER::Lock
void * Lock
Definition: NativeStructs.h:141
_KEXECUTE_OPTIONS::DisableExceptionChainValidation
int DisableExceptionChainValidation
Definition: NativeStructs.h:37
_MEMORY_BASIC_INFORMATION::BaseAddress
PVOID BaseAddress
Definition: NativeStructs.h:180
_NT_PROC_THREAD_ATTRIBUTE_ENTRY::Unknown
ULONG Unknown
Definition: NativeStructs.h:298
_MEMORY_WORKING_SET_EX_BLOCK::Shared
ULONG_PTR Shared
Definition: NativeStructs.h:337
PTHREAD_BASIC_INFORMATION
struct _THREAD_BASIC_INFORMATION * PTHREAD_BASIC_INFORMATION
_LDR_DATA_TABLE_ENTRY32::InMemoryOrderLinks
LIST_ENTRY32 InMemoryOrderLinks
Definition: NativeStructs.h:410
_OBJECT_HEADER::PointerCount
ULONG_PTR PointerCount
Definition: NativeStructs.h:135
_NT_PROC_THREAD_ATTRIBUTE_ENTRY
Definition: NativeStructs.h:293
_KLDR_DATA_TABLE_ENTRY::InLoadOrderLinks
LIST_ENTRY InLoadOrderLinks
Definition: NativeStructs.h:463
_PEB_LDR_DATA32::SsHandle
ULONG SsHandle
Definition: NativeStructs.h:401
_PEB_LDR_DATA::SsHandle
PVOID SsHandle
Definition: NativeStructs.h:363
_SYSTEM_PROCESS_INFO::ReadTransferCount
LARGE_INTEGER ReadTransferCount
Definition: NativeStructs.h:254
_PEB::Reserved1
UCHAR Reserved1[2]
Definition: NativeStructs.h:389
_KEXECUTE_OPTIONS::ImageDispatchEnable
int ImageDispatchEnable
Definition: NativeStructs.h:36
_THREAD_BASIC_INFORMATION::TebBaseAddress
PVOID TebBaseAddress
Definition: NativeStructs.h:214
_PEB32::ProcessParameters
ULONG ProcessParameters
Definition: NativeStructs.h:432
_LDR_DATA_TABLE_ENTRY32::DllBase
ULONG DllBase
Definition: NativeStructs.h:412
_SYSTEM_PROCESS_INFO::QuotaPeakNonPagedPoolUsage
SIZE_T QuotaPeakNonPagedPoolUsage
Definition: NativeStructs.h:246
_SYSTEM_PROCESS_INFO::PageFaultCount
ULONG PageFaultCount
Definition: NativeStructs.h:241
_LDR_DATA_TABLE_ENTRY::FullDllName
UNICODE_STRING FullDllName
Definition: NativeStructs.h:377
_LDR_DATA_TABLE_ENTRY32
Definition: NativeStructs.h:407
_KLDR_DATA_TABLE_ENTRY::FullDllName
UNICODE_STRING FullDllName
Definition: NativeStructs.h:472
_HANDLE_TABLE::ExtraInfoPages
long ExtraInfoPages
Definition: NativeStructs.h:103
_HANDLE_TABLE::u3
struct _HANDLE_TABLE::@12::@14 u3
_MEMORY_WORKING_SET_EX_BLOCK::Valid
ULONG_PTR Valid
Definition: NativeStructs.h:334
_KEXECUTE_OPTIONS::ExecuteDisable
int ExecuteDisable
Definition: NativeStructs.h:31
_RTL_PROCESS_MODULE_INFORMATION::ImageBase
PVOID ImageBase
Definition: NativeStructs.h:312
_MMPTE_HARDWARE64::NoExecute
ULONGLONG NoExecute
Definition: NativeStructs.h:278
_HANDLE_TABLE_FREE_LIST::HandleCount
long HandleCount
Definition: NativeStructs.h:94
SYSTEM_THREAD_INFORMATION
struct _SYSTEM_THREAD_INFORMATION SYSTEM_THREAD_INFORMATION
PPS_PROTECTION
union _PS_PROTECTION * PPS_PROTECTION
_SYSTEM_THREAD_INFORMATION::ContextSwitches
ULONG ContextSwitches
Definition: NativeStructs.h:206
_SYSTEM_PROCESS_INFO::OtherTransferCount
LARGE_INTEGER OtherTransferCount
Definition: NativeStructs.h:256
_NT_PROC_THREAD_ATTRIBUTE_ENTRY::Size
SIZE_T Size
Definition: NativeStructs.h:296
_PS_PROTECTION::Signer
int Signer
Definition: NativeStructs.h:23
_SYSTEM_THREAD_INFORMATION::KernelTime
LARGE_INTEGER KernelTime
Definition: NativeStructs.h:198
_SYSTEM_PROCESS_INFO::WriteTransferCount
LARGE_INTEGER WriteTransferCount
Definition: NativeStructs.h:255
PMEMORY_WORKING_SET_EX_INFORMATION
struct _MEMORY_WORKING_SET_EX_INFORMATION * PMEMORY_WORKING_SET_EX_INFORMATION
_HANDLE_TABLE::EnableHandleExceptions
UCHAR EnableHandleExceptions
Definition: NativeStructs.h:114
PPEB
struct _PEB * PPEB
_LDR_DATA_TABLE_ENTRY::SizeOfImage
ULONG SizeOfImage
Definition: NativeStructs.h:376
_NT_PROC_THREAD_ATTRIBUTE_LIST::Entry
NT_PROC_THREAD_ATTRIBUTE_ENTRY Entry[1]
Definition: NativeStructs.h:304
_OBJECT_HEADER::SingleHandleEntry
UCHAR SingleHandleEntry
Definition: NativeStructs.h:164
_MMPTE_HARDWARE64::Unused
ULONGLONG Unused
Definition: NativeStructs.h:273
_KLDR_DATA_TABLE_ENTRY::SizeOfImage
ULONG SizeOfImage
Definition: NativeStructs.h:471
_HANDLE_TABLE::HandleTableLock
void * HandleTableLock
Definition: NativeStructs.h:120
_THREAD_BASIC_INFORMATION::ExitStatus
NTSTATUS ExitStatus
Definition: NativeStructs.h:213
_KLDR_DATA_TABLE_ENTRY::NonPagedDebugInfo
PNON_PAGED_DEBUG_INFO NonPagedDebugInfo
Definition: NativeStructs.h:468
_OBJECT_HEADER::KernelOnlyAccess
UCHAR KernelOnlyAccess
Definition: NativeStructs.h:160
_PEB
Definition: NativeStructs.h:387
_MMPTE::Hard
MMPTE_HARDWARE64 Hard
Definition: NativeStructs.h:286
_RTL_PROCESS_MODULE_INFORMATION::FullPathName
UCHAR FullPathName[256]
Definition: NativeStructs.h:319
_SYSTEM_PROCESS_INFO::CycleTime
ULONGLONG CycleTime
Definition: NativeStructs.h:228
POBJECT_HEADER
struct _OBJECT_HEADER * POBJECT_HEADER
_PEB_LDR_DATA32::Length
ULONG Length
Definition: NativeStructs.h:399
_LDR_DATA_TABLE_ENTRY32::InLoadOrderLinks
LIST_ENTRY32 InLoadOrderLinks
Definition: NativeStructs.h:409
_SYSTEM_PROCESS_INFO::VirtualSize
SIZE_T VirtualSize
Definition: NativeStructs.h:240
OBJECT_HEADER
struct _OBJECT_HEADER OBJECT_HEADER
_MMPTE_HARDWARE64::Accessed
ULONGLONG Accessed
Definition: NativeStructs.h:268
_SYSTEM_THREAD_INFORMATION::Priority
KPRIORITY Priority
Definition: NativeStructs.h:204
_HANDLE_TABLE_ENTRY::LowValue
ULONG_PTR LowValue
Definition: NativeStructs.h:63
_WOW64_APC_CONTEXT
Definition: NativeStructs.h:435
_KLDR_DATA_TABLE_ENTRY::PatchInformation
PVOID PatchInformation
Definition: NativeStructs.h:481
_OBJECT_HEADER::DbgRefTrace
UCHAR DbgRefTrace
Definition: NativeStructs.h:148
_SYSTEM_PROCESS_INFO::NextEntryOffset
ULONG NextEntryOffset
Definition: NativeStructs.h:223
_SYSTEM_PROCESS_INFO::OtherOperationCount
LARGE_INTEGER OtherOperationCount
Definition: NativeStructs.h:253
_PS_PROTECTION::Level
UCHAR Level
Definition: NativeStructs.h:18
_MEMORY_WORKING_SET_EX_BLOCK::Node
ULONG_PTR Node
Definition: NativeStructs.h:338
_KLDR_DATA_TABLE_ENTRY::Flags
ULONG Flags
Definition: NativeStructs.h:474
_LDR_DATA_TABLE_ENTRY32::TimeDateStamp
ULONG TimeDateStamp
Definition: NativeStructs.h:421
NT_PROC_THREAD_ATTRIBUTE_LIST
struct _NT_PROC_THREAD_ATTRIBUTE_LIST NT_PROC_THREAD_ATTRIBUTE_LIST
PPEB_LDR_DATA32
struct _PEB_LDR_DATA32 * PPEB_LDR_DATA32
_OBJECT_HEADER::HandleCount
ULONG_PTR HandleCount
Definition: NativeStructs.h:138
_WOW64_APC_CONTEXT::Apc64BitContext
PVOID Apc64BitContext
Definition: NativeStructs.h:443
_NT_PROC_THREAD_ATTRIBUTE_LIST::Length
ULONG Length
Definition: NativeStructs.h:303
_MMPTE
Definition: NativeStructs.h:281
_MEMORY_BASIC_INFORMATION::State
ULONG State
Definition: NativeStructs.h:184
PMEMORY_BASIC_INFORMATION
struct _MEMORY_BASIC_INFORMATION * PMEMORY_BASIC_INFORMATION
_MEMORY_WORKING_SET_EX_BLOCK::Locked
ULONG_PTR Locked
Definition: NativeStructs.h:339
PEB_LDR_DATA
struct _PEB_LDR_DATA PEB_LDR_DATA
_HANDLE_TABLE::u1
struct _HANDLE_TABLE::@11::@13 u1
MMPTE
struct _MMPTE MMPTE
_EXHANDLE::u
struct _EXHANDLE::@2 u
_PEB::ProcessParameters
PVOID ProcessParameters
Definition: NativeStructs.h:394
_NON_PAGED_DEBUG_INFO::TimeDateStamp
ULONG TimeDateStamp
Definition: NativeStructs.h:455
_KLDR_DATA_TABLE_ENTRY
Definition: NativeStructs.h:461
_KLDR_DATA_TABLE_ENTRY::LoadCount
USHORT LoadCount
Definition: NativeStructs.h:475
_OBJECT_HEADER::NewObject
UCHAR NewObject
Definition: NativeStructs.h:158
_SYSTEM_PROCESS_INFO::CreateTime
LARGE_INTEGER CreateTime
Definition: NativeStructs.h:229
_PS_PROTECTION
Definition: NativeStructs.h:16
_SYSTEM_PROCESS_INFO::NumberOfThreadsHighWatermark
ULONG NumberOfThreadsHighWatermark
Definition: NativeStructs.h:227
_HANDLE_TABLE_ENTRY::GrantedAccessBits
ULONG GrantedAccessBits
Definition: NativeStructs.h:80
_PEB32::Reserved1
UCHAR Reserved1[2]
Definition: NativeStructs.h:426
_HANDLE_TABLE_ENTRY::ObjectPointerBits
ULONG_PTR ObjectPointerBits
Definition: NativeStructs.h:70
_SYSTEM_PROCESS_INFO::WorkingSetPrivateSize
LARGE_INTEGER WorkingSetPrivateSize
Definition: NativeStructs.h:225
_PEB::Reserved3
PVOID Reserved3[2]
Definition: NativeStructs.h:392
_RTL_PROCESS_MODULE_INFORMATION
Definition: NativeStructs.h:308
_SYSTEM_PROCESS_INFO::QuotaNonPagedPoolUsage
SIZE_T QuotaNonPagedPoolUsage
Definition: NativeStructs.h:247
_LDR_DATA_TABLE_ENTRY32::EntryPoint
ULONG EntryPoint
Definition: NativeStructs.h:413
_LDR_DATA_TABLE_ENTRY::EntryPoint
PVOID EntryPoint
Definition: NativeStructs.h:375
_HANDLE_TABLE_FREE_LIST::Reserved
ULONG Reserved[8]
Definition: NativeStructs.h:96
_SYSTEM_PROCESS_INFO::NumberOfThreads
ULONG NumberOfThreads
Definition: NativeStructs.h:224
_RTL_PROCESS_MODULE_INFORMATION::Flags
ULONG Flags
Definition: NativeStructs.h:314
_MEMORY_WORKING_SET_EX_BLOCK::Win32Protection
ULONG_PTR Win32Protection
Definition: NativeStructs.h:336
_SYSTEM_PROCESS_INFO::ReadOperationCount
LARGE_INTEGER ReadOperationCount
Definition: NativeStructs.h:251
_WOW64_APC_CONTEXT::Apc32BitContext
ULONG Apc32BitContext
Definition: NativeStructs.h:439
_MMPTE_HARDWARE64::Dirty
ULONGLONG Dirty
Definition: NativeStructs.h:269
_MMPTE_HARDWARE64::Owner
ULONGLONG Owner
Definition: NativeStructs.h:265
_MMPTE_HARDWARE64::PageFrameNumber
ULONGLONG PageFrameNumber
Definition: NativeStructs.h:275
_OBJECT_HEADER::NextToFree
void * NextToFree
Definition: NativeStructs.h:139
_HANDLE_TABLE_ENTRY::Attributes
ULONG_PTR Attributes
Definition: NativeStructs.h:69
PEB
struct _PEB PEB
_LDR_DATA_TABLE_ENTRY::TlsIndex
USHORT TlsIndex
Definition: NativeStructs.h:381
_OBJECT_HEADER::Body
struct _QUAD Body
Definition: NativeStructs.h:175
HANDLE_TABLE_ENTRY
struct _HANDLE_TABLE_ENTRY HANDLE_TABLE_ENTRY
_THREAD_BASIC_INFORMATION::Priority
LONG Priority
Definition: NativeStructs.h:217
_MEMORY_WORKING_SET_EX_BLOCK::ShareCount
ULONG_PTR ShareCount
Definition: NativeStructs.h:335
_LDR_DATA_TABLE_ENTRY::DllBase
PVOID DllBase
Definition: NativeStructs.h:374
MMPTE_HARDWARE64
struct _MMPTE_HARDWARE64 MMPTE_HARDWARE64
_PEB::Reserved2
UCHAR Reserved2[1]
Definition: NativeStructs.h:391
_THREAD_BASIC_INFORMATION
Definition: NativeStructs.h:211
_LDR_DATA_TABLE_ENTRY::BaseDllName
UNICODE_STRING BaseDllName
Definition: NativeStructs.h:378
_OBJECT_HEADER::DefaultSecurityQuota
UCHAR DefaultSecurityQuota
Definition: NativeStructs.h:163
_KEXECUTE_OPTIONS::Permanent
int Permanent
Definition: NativeStructs.h:34
_SYSTEM_PROCESS_INFO::Threads
SYSTEM_THREAD_INFORMATION Threads[1]
Definition: NativeStructs.h:257
_MMPTE::Long
ULONG_PTR Long
Definition: NativeStructs.h:285
_HANDLE_TABLE_FREE_LIST
Definition: NativeStructs.h:89
_SYSTEM_CALL_COUNT_INFORMATION::NumberOfTables
ULONG NumberOfTables
Definition: NativeStructs.h:192
PKEXECUTE_OPTIONS
union _KEXECUTE_OPTIONS * PKEXECUTE_OPTIONS
_PEB32::ImageBaseAddress
ULONG ImageBaseAddress
Definition: NativeStructs.h:430
_LDR_DATA_TABLE_ENTRY32::TlsIndex
USHORT TlsIndex
Definition: NativeStructs.h:419
_SYSTEM_PROCESS_INFO::PrivatePageCount
SIZE_T PrivatePageCount
Definition: NativeStructs.h:250
_KEXECUTE_OPTIONS::ExecuteEnable
int ExecuteEnable
Definition: NativeStructs.h:32
_LDR_DATA_TABLE_ENTRY32::Flags
ULONG Flags
Definition: NativeStructs.h:417
_MEMORY_BASIC_INFORMATION::AllocationProtect
ULONG AllocationProtect
Definition: NativeStructs.h:182
MEMORY_WORKING_SET_EX_INFORMATION
struct _MEMORY_WORKING_SET_EX_INFORMATION MEMORY_WORKING_SET_EX_INFORMATION
_HANDLE_TABLE_ENTRY::Spare
ULONG Spare
Definition: NativeStructs.h:82
_WOW64_APC_CONTEXT::Apc32BitRoutine
ULONG Apc32BitRoutine
Definition: NativeStructs.h:440
PSYSTEM_PROCESS_INFO
struct _SYSTEM_PROCESS_INFO * PSYSTEM_PROCESS_INFO
_HANDLE_TABLE_ENTRY::NoRightsUpgrade
ULONG NoRightsUpgrade
Definition: NativeStructs.h:81
_MEMORY_WORKING_SET_EX_BLOCK::LargePage
ULONG_PTR LargePage
Definition: NativeStructs.h:340
_MMPTE_HARDWARE64::CacheDisable
ULONGLONG CacheDisable
Definition: NativeStructs.h:267
_SYSTEM_PROCESS_INFO::BasePriority
KPRIORITY BasePriority
Definition: NativeStructs.h:233
_LDR_DATA_TABLE_ENTRY::InLoadOrderLinks
LIST_ENTRY InLoadOrderLinks
Definition: NativeStructs.h:371
_LDR_DATA_TABLE_ENTRY::Flags
ULONG Flags
Definition: NativeStructs.h:379
PLDR_DATA_TABLE_ENTRY32
struct _LDR_DATA_TABLE_ENTRY32 * PLDR_DATA_TABLE_ENTRY32
_PEB_LDR_DATA32::Initialized
UCHAR Initialized
Definition: NativeStructs.h:400
_HANDLE_TABLE_ENTRY::VolatileLowValue
ULONG_PTR VolatileLowValue
Definition: NativeStructs.h:62
NativeStructs81.h
_LDR_DATA_TABLE_ENTRY
Definition: NativeStructs.h:369
_SYSTEM_THREAD_INFORMATION::StartAddress
PVOID StartAddress
Definition: NativeStructs.h:202
_RTL_PROCESS_MODULE_INFORMATION::MappedBase
PVOID MappedBase
Definition: NativeStructs.h:311
_PEB32::Reserved2
UCHAR Reserved2[1]
Definition: NativeStructs.h:428
_SYSTEM_PROCESS_INFO::ImageName
UNICODE_STRING ImageName
Definition: NativeStructs.h:232
_SYSTEM_THREAD_INFORMATION::WaitTime
ULONG WaitTime
Definition: NativeStructs.h:201
SYSTEM_PROCESS_INFO
struct _SYSTEM_PROCESS_INFO SYSTEM_PROCESS_INFO
PRTL_PROCESS_MODULE_INFORMATION
struct _RTL_PROCESS_MODULE_INFORMATION * PRTL_PROCESS_MODULE_INFORMATION
_SYSTEM_THREAD_INFORMATION::UserTime
LARGE_INTEGER UserTime
Definition: NativeStructs.h:199
KEXECUTE_OPTIONS
union _KEXECUTE_OPTIONS KEXECUTE_OPTIONS
_NON_PAGED_DEBUG_INFO::SizeOfImage
ULONG SizeOfImage
Definition: NativeStructs.h:457
_PEB_LDR_DATA
Definition: NativeStructs.h:359
_OBJECT_HEADER::ObjectCreateInfo
struct _OBJECT_CREATE_INFORMATION * ObjectCreateInfo
Definition: NativeStructs.h:171
_SYSTEM_PROCESS_INFO::QuotaPagedPoolUsage
SIZE_T QuotaPagedPoolUsage
Definition: NativeStructs.h:245
_NON_PAGED_DEBUG_INFO::Size
ULONG Size
Definition: NativeStructs.h:452
_OBJECT_HEADER
Definition: NativeStructs.h:133
_LDR_DATA_TABLE_ENTRY::InInitializationOrderLinks
LIST_ENTRY InInitializationOrderLinks
Definition: NativeStructs.h:373
_HANDLE_TABLE::DebugInfo
struct _HANDLE_TRACE_DEBUG_INFO * DebugInfo
Definition: NativeStructs.h:127
_SYSTEM_THREAD_INFORMATION
Definition: NativeStructs.h:196
PLDR_DATA_TABLE_ENTRY
struct _LDR_DATA_TABLE_ENTRY * PLDR_DATA_TABLE_ENTRY
_SYSTEM_THREAD_INFORMATION::WaitReason
KWAIT_REASON WaitReason
Definition: NativeStructs.h:208
PEB_LDR_DATA32
struct _PEB_LDR_DATA32 PEB_LDR_DATA32
_HANDLE_TABLE::StrictFIFO
UCHAR StrictFIFO
Definition: NativeStructs.h:113
_SYSTEM_PROCESS_INFO::WorkingSetSize
SIZE_T WorkingSetSize
Definition: NativeStructs.h:243
THREAD_BASIC_INFORMATION
struct _THREAD_BASIC_INFORMATION THREAD_BASIC_INFORMATION
_HANDLE_TABLE::Rundown
UCHAR Rundown
Definition: NativeStructs.h:115
_OBJECT_HEADER::Flags
UCHAR Flags
Definition: NativeStructs.h:155
_SYSTEM_PROCESS_INFO::PeakPagefileUsage
SIZE_T PeakPagefileUsage
Definition: NativeStructs.h:249
_HANDLE_TABLE::QuotaProcess
struct _EPROCESS * QuotaProcess
Definition: NativeStructs.h:105
_SYSTEM_PROCESS_INFO::HardFaultCount
ULONG HardFaultCount
Definition: NativeStructs.h:226