PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
bindings Directory Reference

Directories

 python
 

Detailed Description

Important
The bindings expect the PE-sieve DLLs (pe-sieve64.dll and pe-sieve32.dll) to be installed in the directory pointed to by the PESIEVE_DIR environment variable, or to be found in the current directory.