pesieve::IATScanner Class Reference

A scanner for detection of IAT hooking. More...

#include <iat_scanner.h>

Inheritance diagram for pesieve::IATScanner:

Public Member Functions
	IATScanner (HANDLE hProc, ModuleData &moduleData, RemoteModuleData &remoteModData, const peconv::ExportsMapper &_exportsMap, IN const ModulesInfo &_modulesInfo, t_iat_scan_mode _hooksFilter)
virtual IATScanReport *	scanRemote ()
Public Member Functions inherited from pesieve::ModuleScanner
	ModuleScanner (HANDLE _procHndl, ModuleData &_moduleData, RemoteModuleData &_remoteModData)
virtual	~ModuleScanner ()
Public Member Functions inherited from pesieve::ProcessFeatureScanner
	ProcessFeatureScanner (HANDLE _processHandle)
virtual	~ProcessFeatureScanner ()

Additional Inherited Members
Protected Attributes inherited from pesieve::ModuleScanner
ModuleData &	moduleData
RemoteModuleData &	remoteModData
Protected Attributes inherited from pesieve::ProcessFeatureScanner
HANDLE	processHandle

Detailed Description

A scanner for detection of IAT hooking.

Definition at line 62 of file iat_scanner.h.

Constructor & Destructor Documentation

IATScanner()

pesieve::IATScanner::IATScanner ( HANDLE hProc, ModuleData & moduleData, RemoteModuleData & remoteModData, const peconv::ExportsMapper & _exportsMap, IN const ModulesInfo & _modulesInfo, t_iat_scan_mode _hooksFilter )

inline

Definition at line 65 of file iat_scanner.h.

Member Function Documentation

scanRemote()

IATScanReport * pesieve::IATScanner::scanRemote ( )

virtual

Perform the scan on the remote process

Returns

a pointer to an object of the class inherited from ModuleScanReport

Implements pesieve::ModuleScanner.

Definition at line 279 of file iat_scanner.cpp.

Here is the call graph for this function:

---

The documentation for this class was generated from the following files:

• scanners/iat_scanner.h
• scanners/iat_scanner.cpp