 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Loading...
Searching...
No Matches
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
#include "iat_scanner.h"#include <peconv.h>#include <string>#include <fstream>#include <iostream>Go to the source code of this file.
Functions | |
| template<typename FIELD_T> | |
| FIELD_T | get_thunk_at_rva (BYTE *mod_buf, size_t mod_size, DWORD rva) |
| FIELD_T get_thunk_at_rva | ( | BYTE * | mod_buf, |
| size_t | mod_size, | ||
| DWORD | rva ) |
Definition at line 155 of file iat_scanner.cpp.
1.13.2