PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Class Index
A
AreaEntropyStats (pesieve)
AreaInfo (pesieve)
AreaMultiStats (pesieve)
AreaStats (pesieve)
AreaStatsCalculator (pesieve)
ArtefactScanner (pesieve)
ArtefactScanReport (pesieve)
ArtefactScanner::ArtefactsMapping (pesieve)
AutoBuffer (pesieve::util)
B
BasicBuffer (pesieve::util)
ByteBuffer (pesieve::util)
C
CachedModule (pesieve)
ChunkStats (pesieve)
CodeMatcher (pesieve)
CodeScanner (pesieve)
CodeScanReport (pesieve)
E
EncryptedMatcher (pesieve)
H
HeadersScanner (pesieve)
HeadersScanReport (pesieve)
HookTargetResolver (pesieve)
I
IATBlock (pesieve)
IATScanner (pesieve)
IATScanReport (pesieve)
IATThunksSeries (pesieve)
IATThunksSeriesPtrCompare (pesieve)
ImportTableBuffer (pesieve)
ImpReconstructor (pesieve)
M
MalformedHeaderReport (pesieve)
MappingScanner (pesieve)
MappingScanReport (pesieve)
MemPageData (pesieve)
ModuleData (pesieve)
ModuleDumpReport (pesieve)
ModulesCache (pesieve)
ModuleScanner (pesieve)
ModuleScanReport (pesieve)
ModulesInfo (pesieve)
MultiStatsSettings (pesieve)
Mutex (pesieve::util)
MutexLocker (pesieve::util)
O
ObfuscatedMatcher (pesieve)
P
PARAM_STRING (pesieve)
params
PatchList::Patch (pesieve)
PatchAnalyzer (pesieve)
PatchList (pesieve)
PatternMatcher (pesieve)
PeArtefacts (pesieve)
PeBuffer (pesieve)
PeReconstructor (pesieve)
PeSection (pesieve)
PEsieveParams
ProcessDumpReport (pesieve)
ProcessFeatureScanner (pesieve)
ProcessScanner (pesieve)
ProcessScanReport (pesieve)
ProcessSymbolsManager
PSS_VA_CLONE_INFORMATION (pesieve::util)
R
RemoteModuleData (pesieve)
report
ReportEx (pesieve)
ResultsDumper (pesieve)
RuleMatcher (pesieve)
RuleMatchersSet (pesieve)
S
ScannedModule (pesieve)
SkippedModuleReport (pesieve)
StatsSettings (pesieve)
StdDeviationCalc (pesieve::stats)
SyscallTable (pesieve)
T
T_CLIENT_ID (pesieve::util)
t_data_scan_mode (pesieve)
t_dotnet_policy (pesieve)
t_dump_mode (pesieve)
t_iat_scan_mode (pesieve)
t_imprec_mode (pesieve)
t_json_level (pesieve)
t_obfusc_mode (pesieve)
t_output_filter (pesieve)
t_params (pesieve)
t_refl_args (pesieve::util)
t_report (pesieve)
t_report_type (pesieve)
T_RTLP_PROCESS_REFLECTION_REFLECTION_INFORMATION (pesieve::util)
t_shellc_mode (pesieve)
TextMatcher (pesieve)
ThreadScanner (pesieve)
ThreadScanReport (pesieve)
ThunkFoundCallback (pesieve)
U
UnreachableModuleReport (pesieve)
W
WorkingSetScanner (pesieve)
WorkingSetScanReport (pesieve)
_
_ctx_details (pesieve)
_mem_region_info (pesieve::util)
_PARAM_STRING
_process_details (pesieve)
_t_pattern (pesieve)
_t_stack_enum_params
_thread_info (pesieve::util)
_thread_info_ext (pesieve::util)
_THREAD_LAST_SYSCALL_INFORMATION (pesieve::util)