Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

System Structure Tools

Questions concerning tools (other than OllyDbg) - IDA Pro, SoftIce, member contributions, etc.
<b>NOTE:</b> You must <b>always</b> make sure you cannot find what you are looking for in our <a href="/collaborative/tools">Collaborative RCE Tool Library</a> before asking for <b>any</b> tools that can do this or that though!
Locked
User avatar
Kayaker
Posts: 4179
Joined: Thu Oct 26, 2000 11:00 am

System Structure Tools

Post by Kayaker »

Someone added a couple of interesting tools to the CRCETL recently (Thank You!) They're rather unique so I thought they deserved mention.

Both are from
http://ntinfo.biz/

The first, XNTSV, is a utility that displays detailed information about Windows system structures, both user and kernel, for running processes. You can traverse linked structures, read the values, create and save prototypes, etc. A lot easier than working with a bunch of cryptic Windbg commands to accomplish the same thing.

The second, PDBRipper, does what it says, extract structure/enum/type information from PDB files.

Both fun to play with if you're into that kind of thing.

http://www.woodmann.com/collaborative/t ... .php/XNTSV
http://www.woodmann.com/collaborative/t ... /PDBRipper
Locked