libPeConv
A library to load, manipulate, dump PE files.
Loading...
Searching...
No Matches
Namespaces | Functions
pe_mode_detector.h File Reference

Detecting in which mode is the PE in the supplied buffer (i.e. raw, virtual). Analyzes PE features typical for particular modes. More...

#include <windows.h>
#include "pe_hdrs_helper.h"

Go to the source code of this file.

Namespaces

namespace  peconv
 

Functions

bool peconv::is_pe_raw (IN const BYTE *pe_buffer, IN size_t pe_size)
 
bool peconv::is_pe_raw_eq_virtual (IN const BYTE *pe_buffer, IN size_t pe_size)
 
bool peconv::is_pe_expanded (IN const BYTE *pe_buffer, IN size_t pe_size)
 
bool peconv::is_section_expanded (IN const BYTE *pe_buffer, IN size_t pe_size, IN const PIMAGE_SECTION_HEADER sec)
 

Detailed Description

Detecting in which mode is the PE in the supplied buffer (i.e. raw, virtual). Analyzes PE features typical for particular modes.

Definition in file pe_mode_detector.h.

Generated on Thu Apr 11 2024 16:32:36 for libPeConv by doxygen 1.10.0