PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
format_util.h
Go to the documentation of this file.
1#pragma once
2
3#include <windows.h>
4
5#include <string>
6#include <set>
7#include <sstream>
8#include <iomanip>
9
10#include "strings_util.h"
11
12#define OUT_PADDED(stream, field_size, str) \
13std::cout.fill(' '); \
14if (field_size) stream << std::setw(field_size) << ' '; \
15stream << str;
16
17namespace pesieve {
18
19 namespace util {
20
21 /*
22 Get hexadecimal or decimal number from a string. Hexadecimal numbers should be prefixed with "0x".
23 */
24 long get_number(const char *buf);
25
26 /*
27 Checks if the buffer is a number (hexadecimal or decimal ). Hexadecimal numbers should be prefixed with "0x".
28 */
29 bool is_number(const char* buf);
30
31 // Checks if the given string is in the given set
32 bool is_in_list(std::string searched_string, std::set<std::string>& string_list, bool to_lower=true);
33
34 size_t string_to_list(IN::std::string s, IN char _delim, OUT std::set<std::string>& elements_list, bool to_lower=true);
35
36 };
37};
38
pesieve::util::is_number
bool is_number(const char *buf)
Definition format_util.cpp:62
pesieve::util::string_to_list
size_t string_to_list(IN::std::string s, IN char _delim, OUT std::set< std::string > &elements_list, bool to_lower=true)
pesieve::util::is_in_list
bool is_in_list(std::string searched_string, std::set< std::string > &string_list, bool to_lower=true)
Definition format_util.cpp:81
pesieve::util::get_number
long get_number(const char *buf)
Definition format_util.cpp:34
pesieve::fill_iat
size_t fill_iat(BYTE *vBuf, size_t vBufSize, IN const peconv::ExportsMapper *exportsMap, IN OUT IATBlock &iat, IN ThunkFoundCallback *callback)
Definition iat_finder.h:31
strings_util.h
Generated by doxygen 1.10.0