 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
This is the complete list of members for ProcessSymbolsManager, including all inherited members.
| dumpSymbolInfo(const ULONG_PTR addr) | ProcessSymbolsManager | inline |
| FreeSymbols() | ProcessSymbolsManager | inlineprotected |
| funcNameFromAddr(IN const ULONG_PTR addr, OUT OPTIONAL size_t *displacement=nullptr) | ProcessSymbolsManager | inline |
| hProcess | ProcessSymbolsManager | protected |
| InitSymbols(HANDLE _hProcess) | ProcessSymbolsManager | inline |
| isInit | ProcessSymbolsManager | protected |
| IsInitialized() | ProcessSymbolsManager | inline |
| normalizeSyscallPrefix(std::string &funcName) | ProcessSymbolsManager | inline |
| ProcessSymbolsManager() | ProcessSymbolsManager | inline |
| ~ProcessSymbolsManager() | ProcessSymbolsManager | inline |
1.13.2
