Windows 8 Internals
This page is dedicated to hacking, breaking, reversing, exploiting, and fixing Windows 8.
Disclaimer: The content in this website could be malicous. By no means is this a page dedicated to the destruction and disruption of other people's time or systems. This website is educational only, and the findings (if a risk to Windows 8 users) WILL be reported to Microsoft to improve security in Windows 8 and future versions of Windows.
Contact info: winre@brandonfa.lk
------------------------------------------------------
The good stuff:
Windows 8 internal headers extracted from PDB files:
(pdb->header converter lacks custom variable and union support [coming very soon])win8_devrel_head_x86
win8_devrel_head_x64
win8_devrel_head_all.zip
Last updated: 18/01/2012
Windows 8 KiServiceTable:
One interesting difference is that on Windows 8, the symbol is KiServiceTable and not _KiServiceTable.
Interesting 'New' Functions in ntoskrnl (x64):
Two new KiSystemCall() functions have come up, namely
KiSystemCall32() and KiSystemCall64().
Also, there is no longer a _KiSystemService(), but a 'suite' of
KiSystemServiceXXX() routines. Where XXX is one of the
following: Handler, Start, Repeat, GdiTebAccess, CopyStart,
CopyEnd, or Exit.