PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
path_converter.h
Go to the documentation of this file.
1#pragma once
2
3#include <iostream>
4
5namespace pesieve {
6
7 namespace util {
8
9 //convert from System32 path to the WoW64 equivalent:
10 bool convert_to_wow64_path(char *szModName);
11
12 //converts path in format: \SystemRoot\... to format: C:\...
13 std::string convert_to_win32_path(const std::string &path);
14
15 //converts path in format i.e.: \Device\HarddiskVolume2\... to format: C:\...
16 std::string device_path_to_win32_path(const std::string &full_path);
17
18 std::string expand_path(const std::string &path);
19
20 };
21};
22
pesieve::util::expand_path
std::string expand_path(const std::string &path)
Definition path_converter.cpp:252
pesieve::util::convert_to_win32_path
std::string convert_to_win32_path(const std::string &path)
Definition path_converter.cpp:206
pesieve::util::device_path_to_win32_path
std::string device_path_to_win32_path(const std::string &full_path)
Definition path_converter.cpp:228
pesieve::util::convert_to_wow64_path
bool convert_to_wow64_path(char *szModName)
Definition path_converter.cpp:195
Generated by doxygen 1.13.2