PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
ProcessSymbolsManager Member List

This is the complete list of members for ProcessSymbolsManager, including all inherited members.

BuildSymbolPath(bool enableAutoDownload)ProcessSymbolsManagerinlinestatic
BuildSymOptions()ProcessSymbolsManagerinlinestatic
dumpSymbolInfo(ULONG_PTR va)ProcessSymbolsManagerinline
FilterSymbolPath(const std::string &input, bool allowDownload)ProcessSymbolsManagerinlinestatic
FreeSymbols()ProcessSymbolsManagerinlineprotected
funcNameFromAddr(ULONG_PTR addr, size_t *displacement=NULL)ProcessSymbolsManagerinline
hProcessProcessSymbolsManagerprotected
InitSymbols(HANDLE process, bool enableAutoDownload, bool lazy)ProcessSymbolsManagerinline
isInitProcessSymbolsManagerprotected
IsInitialized() constProcessSymbolsManagerinline
NormalizeNtZwPrefix(std::string &funcName)ProcessSymbolsManagerinline
operator=(const ProcessSymbolsManager &)=deleteProcessSymbolsManager
ProcessSymbolsManager()ProcessSymbolsManagerinline
ProcessSymbolsManager(const ProcessSymbolsManager &)=deleteProcessSymbolsManager
RefreshModules()ProcessSymbolsManagerinline
RunStackWalk64(_In_ DWORD MachineType, _In_ HANDLE hThread, _Inout_ LPSTACKFRAME64 StackFrame, _Inout_ PVOID ContextRecord, _In_opt_ PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, _In_opt_ PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, _In_opt_ PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, _In_opt_ PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress)ProcessSymbolsManagerinline
~ProcessSymbolsManager()ProcessSymbolsManagerinline
Generated by doxygen 1.17.0