HollowsHunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
ETWProfile Struct Reference

#include <etw_settings.h>

Public Member Functions

 ETWProfile (bool _process_start=false, bool _img_load=false, bool _allocation=false, bool _tcpip=false, bool _obj_mgr=false)
 
bool initProfile (const std::string &fileName)
 
bool loadIni (const std::string &fileName)
 
bool saveIni (const std::string &fileName)
 
void setAll ()
 
bool isEnabled ()
 

Public Attributes

bool process_start
 
bool img_load
 
bool allocation
 
bool tcpip
 
bool obj_mgr
 

Protected Member Functions

bool fillSettings (std::string line)
 
void stripComments (std::string &str)
 

Static Protected Attributes

static const char DELIM = '='
 

Detailed Description

Definition at line 5 of file etw_settings.h.

Constructor & Destructor Documentation

◆ ETWProfile()

ETWProfile::ETWProfile ( bool _process_start = false,
bool _img_load = false,
bool _allocation = false,
bool _tcpip = false,
bool _obj_mgr = false )
inline

Definition at line 13 of file etw_settings.h.

Member Function Documentation

◆ fillSettings()

bool ETWProfile::fillSettings ( std::string line)
protected

Definition at line 101 of file etw_settings.cpp.

◆ initProfile()

bool ETWProfile::initProfile ( const std::string & fileName)
inline

Definition at line 18 of file etw_settings.h.

◆ isEnabled()

bool ETWProfile::isEnabled ( )
inline

Definition at line 40 of file etw_settings.h.

◆ loadIni()

bool ETWProfile::loadIni ( const std::string & fileName)

Definition at line 140 of file etw_settings.cpp.

◆ saveIni()

bool ETWProfile::saveIni ( const std::string & fileName)

Definition at line 163 of file etw_settings.cpp.

◆ setAll()

void ETWProfile::setAll ( )
inline

Definition at line 31 of file etw_settings.h.

◆ stripComments()

void ETWProfile::stripComments ( std::string & str)
protected

Definition at line 93 of file etw_settings.cpp.

Member Data Documentation

◆ allocation

bool ETWProfile::allocation

Definition at line 9 of file etw_settings.h.

◆ DELIM

const char ETWProfile::DELIM = '='
static protected

Definition at line 55 of file etw_settings.h.

◆ img_load

bool ETWProfile::img_load

Definition at line 8 of file etw_settings.h.

◆ obj_mgr

bool ETWProfile::obj_mgr

Definition at line 11 of file etw_settings.h.

◆ process_start

bool ETWProfile::process_start

Definition at line 7 of file etw_settings.h.

◆ tcpip

bool ETWProfile::tcpip

Definition at line 10 of file etw_settings.h.


The documentation for this struct was generated from the following files: