pe_mode_detector.h File Reference
Detecting in which mode is the PE in the supplied buffer (i.e. raw, virtual). Analyzes PE features typical for particular modes. More...
Go to the source code of this file.
Namespaces | |
| namespace | peconv |
Functions | |
| bool | peconv::is_pe_raw (IN const BYTE *pe_buffer, IN size_t pe_size) |
| bool | peconv::is_pe_raw_eq_virtual (IN const BYTE *pe_buffer, IN size_t pe_size) |
| bool | peconv::is_pe_expanded (IN const BYTE *pe_buffer, IN size_t pe_size) |
| bool | peconv::is_section_expanded (IN const BYTE *pe_buffer, IN size_t pe_size, IN const PIMAGE_SECTION_HEADER sec) |
Detailed Description
Detecting in which mode is the PE in the supplied buffer (i.e. raw, virtual). Analyzes PE features typical for particular modes.
Definition in file pe_mode_detector.h.
Generated on Sat Nov 2 2024 22:08:24 for libPeConv by
1.12.0