31 std::map<DWORD, t_section_status>::iterator
itr;
126 void freeExecutableSections(std::map<size_t, PeSection*> &
sections);
143 bool isScanInaccessible;
A report from the code scan, generated by CodeScanner.
size_t countUnpackedSections()
size_t countSectionsWithStatus(const t_section_status neededStatus)
size_t generateTags(std::string reportPath)
virtual ULONGLONG getRelocBase()
size_t countInaccessibleSections()
virtual const void fieldsToJSON(std::stringstream &outs, size_t level, const pesieve::t_json_level &jdetails)
virtual const bool toJSON(std::stringstream &outs, size_t level, const pesieve::t_json_level &jdetails)
CodeScanReport(HMODULE _module, size_t _moduleSize)
std::map< DWORD, t_section_status > sectionToResult
enum pesieve::CodeScanReport::section_status t_section_status
A scanner for detection of patches in the code.
void setScanInaccessible(bool enable)
void setScanData(bool enable)
virtual CodeScanReport * scanRemote()
CodeScanner(HANDLE hProc, ModuleData &moduleData, RemoteModuleData &remoteModData)
Loads a module from the disk, corresponding to the module in the scanned process' memory.
A base class of all the reports detailing on the output of the performed module's scan.
virtual const bool _toJSON(std::stringstream &outs, size_t level=JSON_LEVEL, const pesieve::t_json_level &jdetails=JSON_BASIC)
A base class for all the scanners operating on module data.
RemoteModuleData & remoteModData
const bool toJSON(std::stringstream &outs, size_t level, bool short_info)
Buffers the defined PE section belonging to the module loaded in the scanned process into the local m...
Buffers the data from the module loaded in the scanned process into the local memory.
size_t fill_iat(BYTE *vBuf, size_t vBufSize, IN const peconv::ExportsMapper *exportsMap, IN OUT IATBlock &iat, IN ThunkFoundCallback *callback)
enum pesieve::module_scan_status t_scan_status
@ JSON_DETAILS
include the basic list patches in the main JSON report
@ JSON_DETAILS2
include the extended list patches in the main JSON report
Final summary about the scanned process.