PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

This is the complete list of members for DbgHelpWrapper, including all inherited members.
| CleanupProcess(HANDLE hProcess) | DbgHelpWrapper | inlinestatic |
| FromAddress(HANDLE hProcess, DWORD64 address, PSYMBOL_INFO symbol, DWORD64 *displacement) | DbgHelpWrapper | inlinestatic |
| GetLastErrorForProcess(HANDLE hProcess) | DbgHelpWrapper | inlinestatic |
| GetModuleInfo(HANDLE hProcess, DWORD64 address, IMAGEHLP_MODULE64 *moduleInfo) | DbgHelpWrapper | inlinestatic |
| InitializeProcess(HANDLE hProcess, const std::string &symbolPath, DWORD symOptions) | DbgHelpWrapper | inlinestatic |
| RefreshModuleList(HANDLE hProcess) | DbgHelpWrapper | inlinestatic |
| RunStackWalk64(_In_ DWORD MachineType, _In_ HANDLE hProcess, _In_ HANDLE hThread, _Inout_ LPSTACKFRAME64 StackFrame, _Inout_ PVOID ContextRecord, _In_opt_ PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, _In_opt_ PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, _In_opt_ PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, _In_opt_ PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress) | DbgHelpWrapper | inlinestatic |