PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Static Public Attributes | List of all members
pesieve.t_dump_mode Class Reference
Inheritance diagram for pesieve.t_dump_mode:
Inheritance graph
[legend]

Static Public Attributes

int PE_DUMP_AUTO = 0
 
int PE_DUMP_VIRTUAL = 1
 
int PE_DUMP_UNMAP = 2
 
int PE_DUMP_REALIGN = 3
 
int PE_DUMP_MODES_COUNT = 4
 

Detailed Description

Definition at line 51 of file pesieve.py.

Member Data Documentation

◆ PE_DUMP_AUTO

int pesieve.t_dump_mode.PE_DUMP_AUTO = 0
static

Definition at line 52 of file pesieve.py.

◆ PE_DUMP_MODES_COUNT

int pesieve.t_dump_mode.PE_DUMP_MODES_COUNT = 4
static

Definition at line 56 of file pesieve.py.

◆ PE_DUMP_REALIGN

int pesieve.t_dump_mode.PE_DUMP_REALIGN = 3
static

Definition at line 55 of file pesieve.py.

◆ PE_DUMP_UNMAP

int pesieve.t_dump_mode.PE_DUMP_UNMAP = 2
static

Definition at line 54 of file pesieve.py.

◆ PE_DUMP_VIRTUAL

int pesieve.t_dump_mode.PE_DUMP_VIRTUAL = 1
static

Definition at line 53 of file pesieve.py.

The documentation for this class was generated from the following file:
Generated by doxygen 1.10.0