PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
scanners Directory Reference
Directory dependency graph for scanners:
scanners

Files

 		artefact_scanner.cpp
 		artefact_scanner.h
 		code_scanner.cpp
 		code_scanner.h
 		headers_scanner.cpp
 		headers_scanner.h
 		hook_targets_resolver.cpp
 		hook_targets_resolver.h
 		iat_scanner.cpp
 		iat_scanner.h
 		mapping_scanner.cpp
 		mapping_scanner.h
 		mempage_data.cpp
 		mempage_data.h
 		module_cache.cpp
 		module_cache.h
 		module_data.cpp
 		module_data.h
 		module_scan_report.h
 		module_scanner.h
 		patch_analyzer.cpp
 		patch_analyzer.h
 		patch_list.cpp
 		patch_list.h
 		pe_section.h
 		process_details.h
 		process_feature_scanner.h
 		scan_report.cpp
 		scan_report.h
 		scanned_modules.cpp
 		scanned_modules.h
 		scanner.cpp
 		scanner.h
 		thread_scanner.cpp
 		thread_scanner.h
 		workingset_scanner.cpp
 		workingset_scanner.h
Generated by doxygen 1.16.1