PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
pesieve::ProcessScanReport Member List

This is the complete list of members for pesieve::ProcessScanReport, including all inherited members.

appendReport(ModuleScanReport *report)pesieve::ProcessScanReportinline
appendToType(ModuleScanReport *report)pesieve::ProcessScanReportprotected
countHdrsReplaced() constpesieve::ProcessScanReportprotected
countResultsPerType(const t_report_type type, const t_scan_status result) constpesieve::ProcessScanReportprotected
countSuspiciousPerType(const t_report_type type) constpesieve::ProcessScanReportinlineprotected
deleteModuleReports()pesieve::ProcessScanReportinlineprotected
errorsCountpesieve::ProcessScanReportprotected
exportsMappesieve::ProcessScanReport
generateSummary() constpesieve::ProcessScanReport
getModuleContaining(ULONGLONG field_addr, size_t field_size=0) constpesieve::ProcessScanReportinline
getPid()pesieve::ProcessScanReportinline
getReportType(ModuleScanReport *report)pesieve::ProcessScanReportstatic
getScannedSize(ULONGLONG address) constpesieve::ProcessScanReportinline
hasAnyShownType(const t_results_filter &filter)pesieve::ProcessScanReportprotected
hasModule(ULONGLONG page_addr)pesieve::ProcessScanReportinline
hasModuleContaining(ULONGLONG page_addr, size_t size)pesieve::ProcessScanReportinline
is64bitpesieve::ProcessScanReportprotected
isManagedpesieve::ProcessScanReportprotected
isManagedProcess()pesieve::ProcessScanReportinline
isModuleReplaced(HMODULE module_base)pesieve::ProcessScanReport
isReflectionpesieve::ProcessScanReportprotected
listModules(size_t level, const t_results_filter &filter, const t_json_level &jdetails) constpesieve::ProcessScanReportprotected
mainImagePathpesieve::ProcessScanReport
moduleReportspesieve::ProcessScanReport
modulesInfopesieve::ProcessScanReportprotected
pidpesieve::ProcessScanReportprotected
ProcessScanner classpesieve::ProcessScanReportfriend
ProcessScanReport(DWORD _pid, bool _is64bit, bool _isReflection, t_params *_usedParams)pesieve::ProcessScanReportinline
REPORT_ARTEFACT_SCAN enum valuepesieve::ProcessScanReport
REPORT_CODE_SCAN enum valuepesieve::ProcessScanReport
REPORT_HEADERS_SCAN enum valuepesieve::ProcessScanReport
REPORT_IAT_SCAN enum valuepesieve::ProcessScanReport
REPORT_MAPPING_SCAN enum valuepesieve::ProcessScanReport
REPORT_MEMPAGE_SCAN enum valuepesieve::ProcessScanReport
REPORT_SKIPPED_SCAN enum valuepesieve::ProcessScanReport
REPORT_THREADS_SCAN enum valuepesieve::ProcessScanReport
REPORT_TYPES_COUNT enum valuepesieve::ProcessScanReport
REPORT_UNREACHABLE_SCAN enum valuepesieve::ProcessScanReport
reportsByTypepesieve::ProcessScanReportprotected
ResultsDumper classpesieve::ProcessScanReportfriend
t_report_type enum namepesieve::ProcessScanReport
toJSON(std::stringstream &stream, size_t level, const t_results_filter &filter, const pesieve::t_json_level &jdetails) constpesieve::ProcessScanReportvirtual
usedParamspesieve::ProcessScanReportprotected
~ProcessScanReport()pesieve::ProcessScanReportinline
Generated by doxygen 1.12.0