PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
A container of all the process modules that were scanned.
#include <scanned_modules.h>
Public Member Functions

| Return type | Member |
| --- | --- |
| | ModulesInfo (DWORD _pid) |
| | ~ModulesInfo () |
| bool | appendToModulesList (ModuleScanReport *report) |
| size_t | count () |
| size_t | getScannedSize (ULONGLONG start_address) const |
| ScannedModule * | findModuleContaining (ULONGLONG address, size_t size=0) const |
| ScannedModule * | getModuleAt (ULONGLONG address) const |

Protected Member Functions

| Return type | Member |
| --- | --- |
| bool | appendModule (ScannedModule *module) |
| void | deleteAll () |

A container of all the process modules that were scanned.
Definition at line 84 of file scanned_modules.h.

inline
Definition at line 87 of file scanned_modules.h.

inline

protected
Definition at line 10 of file scanned_modules.cpp.

bool pesieve::ModulesInfo::appendToModulesList (ModuleScanReport *report)

inline
Definition at line 99 of file scanned_modules.h.

protected
Definition at line 73 of file scanned_modules.cpp.

ScannedModule * pesieve::ModulesInfo::findModuleContaining (ULONGLONG address, size_t size = 0) const

ScannedModule * pesieve::ModulesInfo::getModuleAt (ULONGLONG address) const
Definition at line 103 of file scanned_modules.cpp.

size_t pesieve::ModulesInfo::getScannedSize (ULONGLONG start_address) const
Definition at line 83 of file scanned_modules.cpp.