HollowsHunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Namespaces

| namespace | util |

Macros

| #define | WATCH_PROCESS_START "WATCH_PROCESS_START" |
| #define | WATCH_IMG_LOAD "WATCH_IMG_LOAD" |
| #define | WATCH_ALLOCATION "WATCH_ALLOCATION" |
| #define | WATCH_TCP_IP "WATCH_TCP_IP" |
| #define | WATCH_OBJ_MGR "WATCH_OBJ_MGR" |

Functions

| std::string | util::trim (std::string &s) |
| bool | util::iequals (const std::string &a, const std::string &b) |
| size_t | util::splitList (const std::string &sline, const char delimiter, std::vector< std::string > &args) |
| int | util::loadInt (const std::string &str, bool as_hex=false) |
| bool | util::loadBoolean (const std::string &str, bool defaultVal) |
| std::string | util::booleanToStr (bool val) |

Variables

| std::string | util::WHITESPACES = " \t\n\v\f\r" |

#define WATCH_ALLOCATION "WATCH_ALLOCATION"
Definition at line 10 of file etw_settings.cpp.

#define WATCH_IMG_LOAD "WATCH_IMG_LOAD"
Definition at line 9 of file etw_settings.cpp.

#define WATCH_OBJ_MGR "WATCH_OBJ_MGR"
Definition at line 12 of file etw_settings.cpp.

#define WATCH_PROCESS_START "WATCH_PROCESS_START"
Definition at line 8 of file etw_settings.cpp.

#define WATCH_TCP_IP "WATCH_TCP_IP"
Definition at line 11 of file etw_settings.cpp.