PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Public Member Functions | Protected Member Functions | Protected Attributes | Friends | List of all members
pesieve::AreaStats Class Referenceabstract

Base class for the statistics from analyzed buffer. More...

#include <stats.h>

Inheritance diagram for pesieve::AreaStats:
Inheritance graph
[legend]

Public Member Functions

 AreaStats ()
 
void setStartOffset (size_t _area_start)
 
void appendVal (BYTE val)
 
virtual const void fieldsToJSON (std::stringstream &outs, size_t level)=0
 
bool isFilled () const
 
virtual void summarize ()=0
 
virtual bool fillSettings (StatsSettings *_settings)
 
virtual const bool toJSON (std::stringstream &outs, size_t level)
 

Protected Member Functions

virtual void _appendVal (BYTE val)=0
 

Protected Attributes

size_t area_size
 
size_t area_start
 

Friends

class AreaStatsCalculator
 

Detailed Description

Base class for the statistics from analyzed buffer.

Definition at line 20 of file stats.h.

Constructor & Destructor Documentation

◆ AreaStats()

pesieve::AreaStats::AreaStats ( )
inline

Definition at line 22 of file stats.h.

Member Function Documentation

◆ _appendVal()

virtual void pesieve::AreaStats::_appendVal ( BYTE val)
protectedpure virtual

Implemented in pesieve::AreaEntropyStats, and pesieve::AreaMultiStats.

◆ appendVal()

void pesieve::AreaStats::appendVal ( BYTE val)
inline

Definition at line 32 of file stats.h.

Here is the call graph for this function:

◆ fieldsToJSON()

virtual const void pesieve::AreaStats::fieldsToJSON ( std::stringstream & outs,
size_t level )
pure virtual

Implemented in pesieve::AreaEntropyStats, and pesieve::AreaMultiStats.

◆ fillSettings()

virtual bool pesieve::AreaStats::fillSettings ( StatsSettings * _settings)
inlinevirtual

Reimplemented in pesieve::AreaMultiStats.

Definition at line 47 of file stats.h.

◆ isFilled()

bool pesieve::AreaStats::isFilled ( ) const
inline

Definition at line 40 of file stats.h.

Here is the call graph for this function:

◆ setStartOffset()

void pesieve::AreaStats::setStartOffset ( size_t _area_start)
inline

Definition at line 27 of file stats.h.

Here is the call graph for this function:

◆ summarize()

virtual void pesieve::AreaStats::summarize ( )
pure virtual

Implemented in pesieve::AreaEntropyStats, and pesieve::AreaMultiStats.

◆ toJSON()

virtual const bool pesieve::AreaStats::toJSON ( std::stringstream & outs,
size_t level )
inlinevirtual

Definition at line 49 of file stats.h.

Here is the call graph for this function:

Friends And Related Symbol Documentation

◆ AreaStatsCalculator

friend class AreaStatsCalculator
friend

Definition at line 67 of file stats.h.

Member Data Documentation

◆ area_size

size_t pesieve::AreaStats::area_size
protected

Definition at line 64 of file stats.h.

◆ area_start

size_t pesieve::AreaStats::area_start
protected

Definition at line 65 of file stats.h.

The documentation for this class was generated from the following file:
Generated by doxygen 1.10.0