pesieve::ModuleScanReport Class Reference

A base class of all the reports detailing on the output of the performed module's scan. More...

#include <module_scan_report.h>

Inheritance diagram for pesieve::ModuleScanReport:

Public Member Functions
	ModuleScanReport (HMODULE _module, size_t _moduleSize, t_scan_status _status=SCAN_NOT_SUSPICIOUS)
virtual	~ModuleScanReport ()
virtual ULONGLONG	getRelocBase ()
virtual const bool	toJSON (std::stringstream &outs, size_t level=JSON_LEVEL, const pesieve::t_json_level &jdetails=JSON_BASIC)=0
Public Member Functions inherited from pesieve::ElementScanReport
	ElementScanReport (t_scan_status _status=SCAN_NOT_SUSPICIOUS)

Public Attributes
HMODULE	module
size_t	moduleSize
bool	isDotNetModule
std::string	moduleFile
ULONGLONG	origBase
ULONGLONG	relocBase
Public Attributes inherited from pesieve::ElementScanReport
t_scan_status	status

Protected Member Functions
virtual const bool	_toJSON (std::stringstream &outs, size_t level=JSON_LEVEL, const pesieve::t_json_level &jdetails=JSON_BASIC)

Additional Inherited Members
Static Public Member Functions inherited from pesieve::ElementScanReport
static t_scan_status	get_scan_status (const ElementScanReport *report)
Static Public Attributes inherited from pesieve::ElementScanReport
static const size_t	JSON_LEVEL = 1

Detailed Description

A base class of all the reports detailing on the output of the performed module's scan.

Definition at line 55 of file module_scan_report.h.

Constructor & Destructor Documentation

ModuleScanReport()

pesieve::ModuleScanReport::ModuleScanReport ( HMODULE _module, size_t _moduleSize, t_scan_status _status = SCAN_NOT_SUSPICIOUS )

inline

Definition at line 58 of file module_scan_report.h.

Here is the call graph for this function:

~ModuleScanReport()

virtual pesieve::ModuleScanReport::~ModuleScanReport ( )

inlinevirtual

Definition at line 65 of file module_scan_report.h.

Member Function Documentation

_toJSON()

virtual const bool pesieve::ModuleScanReport::_toJSON ( std::stringstream & outs, size_t level = JSON_LEVEL, const pesieve::t_json_level & jdetails = JSON_BASIC )

inlineprotectedvirtual

Reimplemented from pesieve::ElementScanReport.

Definition at line 82 of file module_scan_report.h.

Here is the call graph for this function:

getRelocBase()

virtual ULONGLONG pesieve::ModuleScanReport::getRelocBase ( )

inlinevirtual

Reimplemented in pesieve::CodeScanReport.

Definition at line 67 of file module_scan_report.h.

toJSON()

virtual const bool pesieve::ModuleScanReport::toJSON ( std::stringstream & outs, size_t level = JSON_LEVEL, const pesieve::t_json_level & jdetails = JSON_BASIC )

pure virtual

Implemented in pesieve::ArtefactScanReport, pesieve::CodeScanReport, pesieve::HeadersScanReport, pesieve::IATScanReport, pesieve::MalformedHeaderReport, pesieve::MappingScanReport, pesieve::SkippedModuleReport, pesieve::ThreadScanReport, pesieve::UnreachableModuleReport, and pesieve::WorkingSetScanReport.

Member Data Documentation

isDotNetModule

bool pesieve::ModuleScanReport::isDotNetModule

Definition at line 76 of file module_scan_report.h.

module

HMODULE pesieve::ModuleScanReport::module

Definition at line 74 of file module_scan_report.h.

moduleFile

std::string pesieve::ModuleScanReport::moduleFile

Definition at line 77 of file module_scan_report.h.

moduleSize

size_t pesieve::ModuleScanReport::moduleSize

Definition at line 75 of file module_scan_report.h.

origBase

ULONGLONG pesieve::ModuleScanReport::origBase

Definition at line 78 of file module_scan_report.h.

relocBase

ULONGLONG pesieve::ModuleScanReport::relocBase

Definition at line 79 of file module_scan_report.h.

---

The documentation for this class was generated from the following file:

• scanners/module_scan_report.h