PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Public Member Functions | Protected Member Functions | List of all members
pesieve::ModulesInfo Class Reference

A container of all the process modules that were scanned. More...

#include <scanned_modules.h>

Public Member Functions

 ModulesInfo (DWORD _pid)
 
 ~ModulesInfo ()
 
bool appendToModulesList (ModuleScanReport *report)
 
size_t count ()
 
size_t getScannedSize (ULONGLONG start_address) const
 
ScannedModulefindModuleContaining (ULONGLONG address, size_t size=0) const
 
ScannedModulegetModuleAt (ULONGLONG address) const
 

Protected Member Functions

bool appendModule (ScannedModule *module)
 
void deleteAll ()
 

Detailed Description

A container of all the process modules that were scanned.

Definition at line 84 of file scanned_modules.h.

Constructor & Destructor Documentation

◆ ModulesInfo()

pesieve::ModulesInfo::ModulesInfo ( DWORD _pid)
inline

Definition at line 87 of file scanned_modules.h.

◆ ~ModulesInfo()

pesieve::ModulesInfo::~ModulesInfo ( )
inline

Definition at line 92 of file scanned_modules.h.

Here is the call graph for this function:

Member Function Documentation

◆ appendModule()

bool pesieve::ModulesInfo::appendModule ( ScannedModule * module)
protected

Definition at line 10 of file scanned_modules.cpp.

Here is the call graph for this function:

◆ appendToModulesList()

bool pesieve::ModulesInfo::appendToModulesList ( ModuleScanReport * report)

Definition at line 24 of file scanned_modules.cpp.

Here is the call graph for this function:

◆ count()

size_t pesieve::ModulesInfo::count ( )
inline

Definition at line 99 of file scanned_modules.h.

◆ deleteAll()

void pesieve::ModulesInfo::deleteAll ( )
protected

Definition at line 73 of file scanned_modules.cpp.

Here is the call graph for this function:

◆ findModuleContaining()

ScannedModule * pesieve::ModulesInfo::findModuleContaining ( ULONGLONG address,
size_t size = 0 ) const

Definition at line 53 of file scanned_modules.cpp.

Here is the call graph for this function:

◆ getModuleAt()

ScannedModule * pesieve::ModulesInfo::getModuleAt ( ULONGLONG address) const

Definition at line 103 of file scanned_modules.cpp.

Here is the call graph for this function:

◆ getScannedSize()

size_t pesieve::ModulesInfo::getScannedSize ( ULONGLONG start_address) const

Definition at line 83 of file scanned_modules.cpp.

Here is the call graph for this function:
The documentation for this class was generated from the following files:
Generated by doxygen 1.10.0