PE-sieve: Class Members - Enumerator

PE-sieve

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Loading...

Searching...

No Matches

Here is a list of all enum values with links to the classes they belong to:

- i -

IMP_ALREADY_OK : pesieve::ImpReconstructor
IMP_DIR_FIXED : pesieve::ImpReconstructor
IMP_FIXED : pesieve::ImpReconstructor
IMP_NOT_FOUND : pesieve::ImpReconstructor
IMP_REC0 : pesieve::ImpReconstructor
IMP_REC1 : pesieve::ImpReconstructor
IMP_REC2 : pesieve::ImpReconstructor
IMP_REC_COUNT : pesieve::ImpReconstructor
IMP_RECOVERY_ERROR : pesieve::ImpReconstructor
IMP_RECOVERY_NOT_APPLICABLE : pesieve::ImpReconstructor
IMP_RECOVERY_SKIPPED : pesieve::ImpReconstructor
IMP_RECREATED_FILTER0 : pesieve::ImpReconstructor
IMP_RECREATED_FILTER1 : pesieve::ImpReconstructor
IMP_RECREATED_FILTER2 : pesieve::ImpReconstructor

- o -

OP_CALL_DWORD : pesieve::PatchAnalyzer
OP_JMP : pesieve::PatchAnalyzer
OP_JMP_VIA_ADDR_B1 : pesieve::PatchAnalyzer
OP_JMP_VIA_ADDR_B2 : pesieve::PatchAnalyzer
OP_PUSH_DWORD : pesieve::PatchAnalyzer
OP_SHORTJMP : pesieve::PatchAnalyzer

- r -

REPORT_ALL : pesieve::ProcessScanReport
REPORT_ARTEFACT_SCAN : pesieve::ProcessScanReport
REPORT_CODE_SCAN : pesieve::ProcessScanReport
REPORT_ERRORS : pesieve::ProcessScanReport
REPORT_HEADERS_SCAN : pesieve::ProcessScanReport
REPORT_IAT_SCAN : pesieve::ProcessScanReport
REPORT_MAPPING_SCAN : pesieve::ProcessScanReport
REPORT_MEMPAGE_SCAN : pesieve::ProcessScanReport
REPORT_NOT_SUSPICIOUS : pesieve::ProcessScanReport
REPORT_SKIPPED_SCAN : pesieve::ProcessScanReport
REPORT_SUSPICIOUS : pesieve::ProcessScanReport
REPORT_SUSPICIOUS_AND_ERRORS : pesieve::ProcessScanReport
REPORT_THREADS_SCAN : pesieve::ProcessScanReport
REPORT_TYPES_COUNT : pesieve::ProcessScanReport
REPORT_UNREACHABLE_SCAN : pesieve::ProcessScanReport
RULE_CODE : pesieve::RuleMatcher
RULE_ENCRYPTED : pesieve::RuleMatcher
RULE_NONE : pesieve::RuleMatcher
RULE_OBFUSCATED : pesieve::RuleMatcher
RULE_TEXT : pesieve::RuleMatcher

- s -

SECTION_NOT_MODIFIED : pesieve::CodeScanReport
SECTION_PATCHED : pesieve::CodeScanReport
SECTION_SCAN_ERR : pesieve::CodeScanReport
SECTION_UNPACKED : pesieve::CodeScanReport