 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Loading...
Searching...
No Matches
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
#include <windows.h>Go to the source code of this file.
Classes | |
| struct | pesieve::_t_pattern |
Namespaces | |
| namespace | pesieve |
Typedefs | |
| typedef struct pesieve::_t_pattern | pesieve::t_pattern |
Variables | |
| BYTE | pesieve::prolog32_pattern [] |
| BYTE | pesieve::prolog32_2_pattern [] |
| BYTE | pesieve::prolog32_3_pattern [] |
| t_pattern | pesieve::patterns32 [] |
| BYTE | pesieve::prolog64_pattern [] |
| BYTE | pesieve::prolog64_2_pattern [] |
| BYTE | pesieve::prolog64_3_pattern [] |
| BYTE | pesieve::prolog64_4_pattern [] |
| BYTE | pesieve::prolog64_5_pattern [] |
| BYTE | pesieve::prolog64_6_pattern [] |
| BYTE | pesieve::prolog64_7_pattern [] |
| t_pattern | pesieve::patterns64 [] |
1.12.0