PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
This is the complete list of members for pesieve::UnreachableModuleReport, including all inherited members.
_toJSON(std::stringstream &outs, size_t level=JSON_LEVEL, const pesieve::t_json_level &jdetails=JSON_BASIC) | pesieve::ModuleScanReport | inlineprotectedvirtual |
get_scan_status(const ModuleScanReport *report) | pesieve::ModuleScanReport | inlinestatic |
getRelocBase() | pesieve::ModuleScanReport | inlinevirtual |
isDotNetModule | pesieve::ModuleScanReport | |
JSON_LEVEL | pesieve::ModuleScanReport | static |
moduleFile | pesieve::ModuleScanReport | |
ModuleScanReport(HMODULE _module, size_t _moduleSize, t_scan_status _status) | pesieve::ModuleScanReport | inline |
ModuleScanReport(HMODULE _module, size_t _moduleSize) | pesieve::ModuleScanReport | inline |
moduleSize | pesieve::ModuleScanReport | |
status | pesieve::ModuleScanReport | |
toJSON(std::stringstream &outs, size_t level=JSON_LEVEL, const pesieve::t_json_level &jdetails=JSON_BASIC) | pesieve::UnreachableModuleReport | inlinevirtual |
UnreachableModuleReport(HMODULE _module, size_t _moduleSize, std::string _moduleFile) | pesieve::UnreachableModuleReport | inline |
~ModuleScanReport() | pesieve::ModuleScanReport | inlinevirtual |