 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Loading...
Searching...
No Matches
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
#include <entropy_stats.h>
Public Member Functions | |
| AreaEntropyStats () | |
| AreaEntropyStats (const AreaEntropyStats &p1) | |
| void | _appendVal (BYTE val) |
| virtual void | summarize () |
 Public Member Functions inherited from pesieve::AreaStats | |
| AreaStats () | |
| void | setStartOffset (size_t _area_start) |
| void | appendVal (BYTE val) |
| bool | isFilled () const |
| virtual bool | fillSettings (StatsSettings *_settings) |
| virtual const bool | toJSON (std::stringstream &outs, size_t level) |
Public Attributes | |
| std::map< BYTE, size_t > | histogram |
| double | entropy |
Protected Member Functions | |
| virtual const void | fieldsToJSON (std::stringstream &outs, size_t level) |
Friends | |
| class | AreaStatsCalculator |
Additional Inherited Members | |
| Protected Attributes inherited from pesieve::AreaStats | |
| size_t | area_size |
| size_t | area_start |
Definition at line 9 of file entropy_stats.h.
|
inline |
Definition at line 11 of file entropy_stats.h.
|
inline |
Implements pesieve::AreaStats.
Definition at line 25 of file entropy_stats.h.
|
inlineprotectedvirtual |
Implements pesieve::AreaStats.
Definition at line 40 of file entropy_stats.h.
Implements pesieve::AreaStats.
Definition at line 30 of file entropy_stats.h.
|
friend |
Definition at line 52 of file entropy_stats.h.
| double pesieve::AreaEntropyStats::entropy |
Definition at line 36 of file entropy_stats.h.
Definition at line 35 of file entropy_stats.h.
1.10.0
