 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Loading...
Searching...
No Matches
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
#include "path_converter.h"#include <windows.h>#include "ntddk.h"#include <shlwapi.h>#include <iostream>#include <string>#include <locale>#include <codecvt>#include "path_util.h"Go to the source code of this file.
Namespaces | |
| namespace | pesieve |
| namespace | pesieve::util |
Macros | |
| #define | LONG_PATH_PREFIX "\\\\?\\" |
| #define | GLOBALROOT_NAME "GLOBALROOT" |
Functions | |
| void | pesieve::util::init_syspaths () |
| HANDLE | pesieve::util::nt_create_file (PCWSTR filePath) |
| std::string | pesieve::util::nt_retrieve_file_path (HANDLE hFile) |
| bool | pesieve::util::is_relative (const char *path, size_t path_len) |
| bool | pesieve::util::is_disk_relative (const char *path, size_t path_len) |
| std::string | pesieve::util::remap_to_drive_letter (const std::string &full_path) |
| std::string | pesieve::util::relative_to_absolute_path (std::string path) |
| std::string | pesieve::util::replace_char (std::string &str, char ch1, char ch2) |
| bool | is_device_path (const std::string &path) |
Variables | |
| char | g_System32Path [MAX_PATH] = { 0 } |
| char | g_Syswow64Path [MAX_PATH] = { 0 } |
| #define GLOBALROOT_NAME "GLOBALROOT" |
Definition at line 19 of file path_converter.cpp.
| #define LONG_PATH_PREFIX "\\\\?\\" |
Definition at line 18 of file path_converter.cpp.
| bool is_device_path | ( | const std::string & | path | ) |
Definition at line 240 of file path_converter.cpp.
| char g_System32Path[MAX_PATH] = { 0 } |
Definition at line 21 of file path_converter.cpp.
| char g_Syswow64Path[MAX_PATH] = { 0 } |
Definition at line 22 of file path_converter.cpp.
1.12.0