PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
utils Directory Reference

Files

artefacts_util.cpp
artefacts_util.h
byte_buffer.h
code_patterns.h
console_color.cpp
console_color.h
custom_buffer.h
custom_mutex.h
format_util.cpp
format_util.h
modules_enum.cpp
modules_enum.h
path_converter.cpp
path_converter.h
path_util.cpp
path_util.h
process_minidump.cpp
process_minidump.h
process_privilege.cpp
process_privilege.h
process_reflection.cpp
process_reflection.h
process_symbols.h
process_util.cpp
process_util.h
strings_util.cpp
strings_util.h
syscall_extractor.cpp
syscall_extractor.h
threads_util.cpp
threads_util.h
workingset_enum.cpp
workingset_enum.h