PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
pesieve::WorkingSetScanner Member List

This is the complete list of members for pesieve::WorkingSetScanner, including all inherited members.

argspesieve::WorkingSetScannerprotected
checkAreaContent(IN MemPageData &_memPage, OUT WorkingSetScanReport *my_report)pesieve::WorkingSetScannerprotected
isExecutable(MemPageData &memPageData)pesieve::WorkingSetScannerprotected
isPotentiallyExecutable(MemPageData &memPageData, const t_data_scan_mode &mode)pesieve::WorkingSetScannerprotected
isScannedAsModule(MemPageData &memPageData)pesieve::WorkingSetScannerprotected
memRegionpesieve::WorkingSetScannerprotected
pDetailspesieve::WorkingSetScannerprotected
ProcessFeatureScanner(HANDLE _processHandle)pesieve::ProcessFeatureScannerinline
processHandlepesieve::ProcessFeatureScannerprotected
processReportpesieve::WorkingSetScannerprotected
scanExecutableArea(MemPageData &memPageData)pesieve::WorkingSetScannerprotected
scanImg(MemPageData &memPage)pesieve::WorkingSetScannerprotected
scanRemote()pesieve::WorkingSetScannervirtual
WorkingSetScanner(HANDLE _procHndl, process_details _proc_details, const util::mem_region_info _mem_region, pesieve::t_params _args, ProcessScanReport &_process_report)pesieve::WorkingSetScannerinline
~ProcessFeatureScanner()pesieve::ProcessFeatureScannerinlinevirtual
~WorkingSetScanner()pesieve::WorkingSetScannerinlinevirtual