PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
scanners Directory Reference
Directory dependency graph for scanners:
scanners

Files

 artefact_scanner.cpp
 
 artefact_scanner.h
 
 code_scanner.cpp
 
 code_scanner.h
 
 headers_scanner.cpp
 
 headers_scanner.h
 
 hook_targets_resolver.cpp
 
 hook_targets_resolver.h
 
 iat_scanner.cpp
 
 iat_scanner.h
 
 mapping_scanner.cpp
 
 mapping_scanner.h
 
 mempage_data.cpp
 
 mempage_data.h
 
 module_cache.cpp
 
 module_cache.h
 
 module_data.cpp
 
 module_data.h
 
 module_scan_report.h
 
 module_scanner.h
 
 patch_analyzer.cpp
 
 patch_analyzer.h
 
 patch_list.cpp
 
 patch_list.h
 
 pe_section.h
 
 process_details.h
 
 process_feature_scanner.h
 
 scan_report.cpp
 
 scan_report.h
 
 scanned_modules.cpp
 
 scanned_modules.h
 
 scanner.cpp
 
 scanner.h
 
 thread_scanner.cpp
 
 thread_scanner.h
 
 workingset_scanner.cpp
 
 workingset_scanner.h
 
Generated by doxygen 1.12.0