pesieve::HeadersScanReport Class Reference

A report from the headers scan, generated by HeadersScanner. More...

#include <headers_scanner.h>

Inheritance diagram for pesieve::HeadersScanReport:

Public Member Functions
	HeadersScanReport (HMODULE _module, size_t _moduleSize)
virtual const void	fieldsToJSON (std::stringstream &outs, size_t level, const pesieve::t_json_level &jdetails)
virtual const bool	toJSON (std::stringstream &outs, size_t level, const pesieve::t_json_level &jdetails)
bool	isHdrReplaced ()
Public Member Functions inherited from pesieve::ModuleScanReport
	ModuleScanReport (HMODULE _module, size_t _moduleSize, t_scan_status _status=SCAN_NOT_SUSPICIOUS)
virtual	~ModuleScanReport ()
virtual ULONGLONG	getRelocBase ()
Public Member Functions inherited from pesieve::ElementScanReport
	ElementScanReport (t_scan_status _status=SCAN_NOT_SUSPICIOUS)

Public Attributes
bool	epModified
bool	dosHdrModified
bool	fileHdrModified
bool	ntHdrModified
bool	secHdrModified
bool	archMismatch
DWORD	is64
bool	isInPEB
Public Attributes inherited from pesieve::ModuleScanReport
HMODULE	module
size_t	moduleSize
bool	isDotNetModule
std::string	moduleFile
ULONGLONG	origBase
ULONGLONG	relocBase
Public Attributes inherited from pesieve::ElementScanReport
t_scan_status	status

Additional Inherited Members
Static Public Member Functions inherited from pesieve::ElementScanReport
static t_scan_status	get_scan_status (const ElementScanReport *report)
Static Public Attributes inherited from pesieve::ElementScanReport
static const size_t	JSON_LEVEL = 1
Protected Member Functions inherited from pesieve::ModuleScanReport
virtual const bool	_toJSON (std::stringstream &outs, size_t level=JSON_LEVEL, const pesieve::t_json_level &jdetails=JSON_BASIC)

Detailed Description

A report from the headers scan, generated by HeadersScanner.

Definition at line 10 of file headers_scanner.h.

Constructor & Destructor Documentation

HeadersScanReport()

pesieve::HeadersScanReport::HeadersScanReport ( HMODULE _module, size_t _moduleSize )

inline

Definition at line 13 of file headers_scanner.h.

Here is the call graph for this function:

Member Function Documentation

fieldsToJSON()

virtual const void pesieve::HeadersScanReport::fieldsToJSON ( std::stringstream & outs, size_t level, const pesieve::t_json_level & jdetails )

inlinevirtual

Definition at line 21 of file headers_scanner.h.

Here is the call graph for this function:

isHdrReplaced()

bool pesieve::HeadersScanReport::isHdrReplaced ( )

inline

Definition at line 65 of file headers_scanner.h.

toJSON()

virtual const bool pesieve::HeadersScanReport::toJSON ( std::stringstream & outs, size_t level, const pesieve::t_json_level & jdetails )

inlinevirtual

Implements pesieve::ModuleScanReport.

Definition at line 56 of file headers_scanner.h.

Here is the call graph for this function:

Member Data Documentation

archMismatch

bool pesieve::HeadersScanReport::archMismatch

Definition at line 75 of file headers_scanner.h.

dosHdrModified

bool pesieve::HeadersScanReport::dosHdrModified

Definition at line 71 of file headers_scanner.h.

epModified

bool pesieve::HeadersScanReport::epModified

Definition at line 70 of file headers_scanner.h.

fileHdrModified

bool pesieve::HeadersScanReport::fileHdrModified

Definition at line 72 of file headers_scanner.h.

is64

DWORD pesieve::HeadersScanReport::is64

Definition at line 76 of file headers_scanner.h.

isInPEB

bool pesieve::HeadersScanReport::isInPEB

Definition at line 77 of file headers_scanner.h.

ntHdrModified

bool pesieve::HeadersScanReport::ntHdrModified

Definition at line 73 of file headers_scanner.h.

secHdrModified

bool pesieve::HeadersScanReport::secHdrModified

Definition at line 74 of file headers_scanner.h.

---

The documentation for this class was generated from the following file:

• scanners/headers_scanner.h