PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
The root of the PE-sieve scanner.
#include <windows.h>
#include <iostream>
#include <stdexcept>
#include <pe_sieve_types.h>
#include <pe_sieve_return_codes.h>
#include "pe_sieve_ver_short.h"
#include "pe_sieve_report.h"
#include "postprocessors/report_formatter.h"
Namespaces

namespace pesieve

Functions

std::string pesieve::info ()
    The string with the basic information about the scanner.

ReportEx * pesieve::scan_and_dump (IN const pesieve::t_params args)
    The main action performed by PE-sieve: scanning the process and dumping the detected material.

Variables

const char pesieve::PESIEVE_URL [] = "https://github.com/hasherezade/pe-sieve"
Definition in file pe_sieve.h.