Have sdk defined structures for portable executable files

[op2786]

Currently I'm reversing a malware which does a lot of PE parsing. Looks like structures like IMAGE_DOS_HEADER, IMAGE_FILE_HEADER, IMAGE_DATA_DIRECTORY, IMAGE_OPTIONAL_HEADER32, IMAGE_OPTIONAL_HEADER64, IMAGE_NT_HEADERS64, IMAGE_NT_HEADERS32, IMAGE_SECTION_HEADER, IMAGE_EXPORT_DIRECTORY etc. missing in BN.

I know that BN have some structures that corresponds to some of these structures but these are (with these exact names) widely known structures that we need to have. Especially malwares heavly uses them.

[xusheng6]

A workaround is to load the PDB for ntoskernel, and somehow export the type info from it.

[xusheng6]

But I agree that we should somehow make these available directly

[plafosse]

There is at least one in particular that updates frequently, so we'd need to have separate version for that structure one for each windows/compiler version.