PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Macros | Functions | Variables
pe_sieve_api.cpp File Reference
#include <windows.h>
#include <string>
#include <iostream>
#include "pe_sieve.h"
#include <pe_sieve_api.h>

Go to the source code of this file.

Macros

#define PESIEVE_EXPORTS
 
#define LIB_NAME   "PE-sieve"
 

Functions

size_t print_report (const pesieve::ReportEx &report, const pesieve::t_params args, const t_report_type rtype, char *json_buf, size_t json_buf_size)
 
PEsieve_report PESIEVE_API_FUNC PESieve_scan_ex (IN const PEsieve_params &args, IN const PEsieve_rtype rtype, OUT char *json_buf, IN size_t json_buf_size, OUT size_t *needed_size)
 
PEsieve_report PESIEVE_API_FUNC PESieve_scan (IN const PEsieve_params &args)
 Performs a PE-sieve scan with a supplied set of parameters (defined as a structure t_params). Returns a summary of the scan in a variable of type t_report.
 
void PESIEVE_API_FUNC PESieve_help (void)
 Shows a MessageBox with the informations about PE-sieve.
 

Variables

const DWORD PESIEVE_API PESieve_version = MAKELONG(MAKEWORD(PESIEVE_PATCH_VERSION, PESIEVE_MICRO_VERSION), MAKEWORD(PESIEVE_MINOR_VERSION, PESIEVE_MAJOR_VERSION))
 

Macro Definition Documentation

◆ LIB_NAME

#define LIB_NAME   "PE-sieve"

Definition at line 10 of file pe_sieve_api.cpp.

◆ PESIEVE_EXPORTS

#define PESIEVE_EXPORTS

Definition at line 7 of file pe_sieve_api.cpp.

Function Documentation

◆ PESieve_help()

void PESIEVE_API_FUNC PESieve_help ( void )

Shows a MessageBox with the informations about PE-sieve.

Definition at line 72 of file pe_sieve_api.cpp.

Here is the call graph for this function:

◆ PESieve_scan()

PEsieve_report PESIEVE_API_FUNC PESieve_scan ( IN const PEsieve_params & args)

Performs a PE-sieve scan with a supplied set of parameters (defined as a structure t_params). Returns a summary of the scan in a variable of type t_report.

Definition at line 67 of file pe_sieve_api.cpp.

Here is the call graph for this function:

◆ PESieve_scan_ex()

PEsieve_report PESIEVE_API_FUNC PESieve_scan_ex ( IN const PEsieve_params & args,
IN const PEsieve_rtype rtype,
OUT char * json_buf,
IN size_t json_buf_size,
OUT size_t * needed_size )

Definition at line 30 of file pe_sieve_api.cpp.

Here is the call graph for this function:

◆ print_report()

size_t print_report ( const pesieve::ReportEx & report,
const pesieve::t_params args,
const t_report_type rtype,
char * json_buf,
size_t json_buf_size )

Definition at line 14 of file pe_sieve_api.cpp.

Here is the call graph for this function:

Variable Documentation

◆ PESieve_version

const DWORD PESIEVE_API PESieve_version = MAKELONG(MAKEWORD(PESIEVE_PATCH_VERSION, PESIEVE_MICRO_VERSION), MAKEWORD(PESIEVE_MINOR_VERSION, PESIEVE_MAJOR_VERSION))
extern
Generated by doxygen 1.12.0