PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
This is the complete list of members for pesieve::CodeMatcher, including all inherited members.
_isMatching(IN const AreaMultiStats &stats) | pesieve::CodeMatcher | inlinevirtual |
CodeMatcher() | pesieve::CodeMatcher | inline |
isMatched() | pesieve::RuleMatcher | inline |
isMatching(IN const AreaMultiStats &stats) | pesieve::RuleMatcher | inline |
matched | pesieve::RuleMatcher | protected |
name | pesieve::RuleMatcher | |
RULE_CODE enum value | pesieve::RuleMatcher | |
RULE_ENCRYPTED enum value | pesieve::RuleMatcher | |
RULE_NONE enum value | pesieve::RuleMatcher | |
RULE_OBFUSCATED enum value | pesieve::RuleMatcher | |
RULE_TEXT enum value | pesieve::RuleMatcher | |
RuleMatcher(std::string _name) | pesieve::RuleMatcher | inline |
RuleType enum name | pesieve::RuleMatcher | |