PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
This is the complete list of members for pesieve::PeArtefacts, including all inherited members.
| calculatedImgSize | pesieve::PeArtefacts | |
| dropPeBase(const ULONGLONG offset_with_pe_base) const | pesieve::PeArtefacts | inline |
| fieldsToJSON(std::stringstream &outs, size_t level, const pesieve::t_json_level &jdetails) | pesieve::PeArtefacts | inline virtual |
| hasNtHdrs() | pesieve::PeArtefacts | inline |
| hasSectionHdrs() | pesieve::PeArtefacts | inline |
| is64bit | pesieve::PeArtefacts | |
| isDll | pesieve::PeArtefacts | |
| isMzPeFound | pesieve::PeArtefacts | |
| JSON_LEVEL | pesieve::PeArtefacts | static |
| ntFileHdrsOffset | pesieve::PeArtefacts | |
| PeArtefacts() | pesieve::PeArtefacts | inline |
| peBaseOffset | pesieve::PeArtefacts | |
| peImageBase() | pesieve::PeArtefacts | inline |
| regionStart | pesieve::PeArtefacts | |
| secCount | pesieve::PeArtefacts | |
| secHdrsOffset | pesieve::PeArtefacts | |
| toJSON(std::stringstream &outs, size_t level, const pesieve::t_json_level &jdetails) | pesieve::PeArtefacts | inline virtual |