There is a Flink and Blink (Forward Link and Backward Link) for a double-linked list of processes. There is a process identifier. All of this is packed in a struct that is referred to as PEPROCESS or _KPROCESS. But where are those and what are the other elements in this structure?

Or, if the answer is neither short nor simple, where can one find references if not in the documentation or header files? (Which is the place I looked and probably overlooked something.)

+2  A: 

EPROCESS reference

The EPROCESS structure is an opaque structure that serves as the process object for a process.

Some routines, such as PsGetProcessCreateTimeQuadPart, use EPROCESS to identify the process to operate on. Drivers can use the PsGetCurrentProcess routine to obtain a pointer to the process object for the current process and can use the ObReferenceObjectByHandle routine to obtain a pointer to the process object that is associated with the specified handle. The PsInitialSystemProcess global variable points to the process object for the system process.

Note that a process object is an Object Manager object. Drivers should use Object Manager routines such as ObReferenceObject and ObDereferenceObject to maintain the object’s reference count.

This means that you shouldn't care about what the members of the process structure are. Nevertheless there are sources which detail the layout of the process structure.

This book has a more detailed description of what the individual members are.

Christopher
Actually I cannot completely agree with you on the point of "need to know", because of curiosity. Thanks again.
Don Johe
A: 

The EPROCESS structure is documented in the Windows debugging symbols.

While connected to a kernel with windbg, assuming you have the debugging symbols properly set up, issuing the command "dt nt!_EPROCESS" should give you the layout for the EPROCESS struct specific to the version of the kernel you are attached to.
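Added example (not part of the question or either answer): a user-mode model of what the question's Flink/Blink and process identifier look like in practice. The real nt!_EPROCESS embeds a LIST_ENTRY named ActiveProcessLinks somewhere in the middle of the structure, next to fields such as UniqueProcessId and ImageFileName, and the list is anchored by a global list head (nt!PsActiveProcessHead); because the offset of ActiveProcessLinks changes between kernel builds, the layout has to come from the symbols, which is exactly why the answer above points at `dt nt!_EPROCESS`. The struct below is a stand-in with invented padding and an invented field order, the three-process list is constructed sample data, and the code compiles as an ordinary user-mode program rather than a driver. It walks the list through CONTAINING_RECORD the way kernel code does, checks the list for Flink/Blink consistency, and then shows the DKOM-style unlink that rootkits use to hide a process, together with the cross-check that catches it.

```c
/* Added example, not from the original page.  MOCK_EPROCESS is a stand-in:
 * only the field names ActiveProcessLinks, UniqueProcessId and ImageFileName
 * mirror the real nt!_EPROCESS; offsets and order are NOT those of any
 * Windows build (get those from "dt nt!_EPROCESS" on the target kernel). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Same shape as the kernel's LIST_ENTRY: two pointers, no payload. */
typedef struct _LIST_ENTRY {
    struct _LIST_ENTRY *Flink;
    struct _LIST_ENTRY *Blink;
} LIST_ENTRY;

/* Mock process object.  The links are deliberately not at offset 0. */
typedef struct _MOCK_EPROCESS {
    uint8_t    Pcb[64];             /* placeholder for the embedded _KPROCESS */
    uintptr_t  UniqueProcessId;
    LIST_ENTRY ActiveProcessLinks;  /* the list threads through here */
    char       ImageFileName[16];
} MOCK_EPROCESS;

/* Recover the containing object from a pointer to its embedded LIST_ENTRY,
 * which is what the kernel's CONTAINING_RECORD macro does. */
#define CONTAINING_RECORD(addr, type, field) \
    ((type *)((char *)(addr) - offsetof(type, field)))

static void list_init(LIST_ENTRY *head) { head->Flink = head->Blink = head; }

static void insert_tail(LIST_ENTRY *head, LIST_ENTRY *e) {
    e->Flink = head;
    e->Blink = head->Blink;
    head->Blink->Flink = e;
    head->Blink = e;
}

/* Walk forward from the head (analogous to nt!PsActiveProcessHead) and
 * return the object whose PID matches, or NULL. */
static MOCK_EPROCESS *find_by_pid(LIST_ENTRY *head, uintptr_t pid) {
    for (LIST_ENTRY *e = head->Flink; e != head; e = e->Flink) {
        MOCK_EPROCESS *p = CONTAINING_RECORD(e, MOCK_EPROCESS, ActiveProcessLinks);
        if (p->UniqueProcessId == pid) return p;
    }
    return NULL;
}

/* A healthy list has e->Flink->Blink == e for every entry and the same count
 * walking forward and backward.  Returns 1 if consistent, 0 otherwise. */
static int list_is_consistent(LIST_ENTRY *head, size_t *count_out) {
    size_t fwd = 0, bwd = 0;
    for (LIST_ENTRY *e = head->Flink; e != head; e = e->Flink) {
        if (e->Flink->Blink != e || e->Blink->Flink != e) return 0;
        fwd++;
    }
    for (LIST_ENTRY *e = head->Blink; e != head; e = e->Blink) bwd++;
    if (count_out) *count_out = fwd;
    return fwd == bwd;
}

/* Cross-view check: is this object reachable from the head?  An object
 * obtained some other way (handle table, pool scan) that is NOT reachable
 * here has been unlinked. */
static int is_linked(LIST_ENTRY *head, MOCK_EPROCESS *p) {
    for (LIST_ENTRY *e = head->Flink; e != head; e = e->Flink)
        if (e == &p->ActiveProcessLinks) return 1;
    return 0;
}

/* DKOM-style hiding: splice the entry out so that walks from the head skip
 * it.  The neighbours still point at each other, so the list stays
 * consistent from the head's point of view; only is_linked() notices. */
static void unlink_entry(LIST_ENTRY *e) {
    e->Blink->Flink = e->Flink;
    e->Flink->Blink = e->Blink;
}

/* Constructed sample data (not captured from a real system). */
static MOCK_EPROCESS g_procs[3];
static LIST_ENTRY    g_head;

static LIST_ENTRY *build_sample_list(void) {
    static const uintptr_t pids[3]  = { 4, 428, 1337 };
    static const char     *names[3] = { "System", "smss.exe", "notepad.exe" };
    list_init(&g_head);
    for (int i = 0; i < 3; i++) {
        memset(&g_procs[i], 0, sizeof g_procs[i]);
        g_procs[i].UniqueProcessId = pids[i];
        strncpy(g_procs[i].ImageFileName, names[i], sizeof g_procs[i].ImageFileName - 1);
        insert_tail(&g_head, &g_procs[i].ActiveProcessLinks);
    }
    return &g_head;
}

int main(void) {
    LIST_ENTRY *head = build_sample_list();
    size_t n = 0;
    printf("offsetof(ActiveProcessLinks)=%zu consistent=%d count=%zu\n",
           offsetof(MOCK_EPROCESS, ActiveProcessLinks), list_is_consistent(head, &n), n);
    MOCK_EPROCESS *p = find_by_pid(head, 1337);
    printf("pid 1337 -> %s\n", p ? p->ImageFileName : "(not found)");
    unlink_entry(&p->ActiveProcessLinks);
    printf("after unlink: found=%d linked=%d consistent=%d\n",
           find_by_pid(head, 1337) != NULL, is_linked(head, p), list_is_consistent(head, &n));
    return 0;
}
```

On a real target the same walk is done from the debugger or from a driver with the offsets that `dt nt!_EPROCESS ActiveProcessLinks UniqueProcessId ImageFileName` reports for that specific kernel; hard-coding them is what breaks tools across service packs, which is the practical reason the first answer calls the structure opaque.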