PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Static Public Attributes | List of all members
pesieve.t_dotnet_policy Class Reference
Inheritance diagram for pesieve.t_dotnet_policy:
Inheritance graph
[legend]

Static Public Attributes

int PE_DNET_NONE = 0
int PE_DNET_SKIP_MAPPING = 1
int PE_DNET_SKIP_SHC = 2
int PE_DNET_SKIP_HOOKS = 3
int PE_DNET_SKIP_ALL = 4
int PE_DNET_COUNT = 5

Detailed Description

Definition at line 66 of file pesieve.py.

Member Data Documentation

◆ PE_DNET_COUNT

int pesieve.t_dotnet_policy.PE_DNET_COUNT = 5
static

Definition at line 72 of file pesieve.py.

◆ PE_DNET_NONE

int pesieve.t_dotnet_policy.PE_DNET_NONE = 0
static

Definition at line 67 of file pesieve.py.

◆ PE_DNET_SKIP_ALL

int pesieve.t_dotnet_policy.PE_DNET_SKIP_ALL = 4
static

Definition at line 71 of file pesieve.py.

◆ PE_DNET_SKIP_HOOKS

int pesieve.t_dotnet_policy.PE_DNET_SKIP_HOOKS = 3
static

Definition at line 70 of file pesieve.py.

◆ PE_DNET_SKIP_MAPPING

int pesieve.t_dotnet_policy.PE_DNET_SKIP_MAPPING = 1
static

Definition at line 68 of file pesieve.py.

◆ PE_DNET_SKIP_SHC

int pesieve.t_dotnet_policy.PE_DNET_SKIP_SHC = 2
static

Definition at line 69 of file pesieve.py.

The documentation for this class was generated from the following file:
Generated by doxygen 1.17.0