PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
params_info
Namespaces
|
Functions
pe_sieve_params_info.h File Reference
#include <iostream>
#include <
pe_sieve_types.h
>
Go to the source code of this file.
Namespaces
namespace
pesieve
Functions
std::string
pesieve::translate_dump_mode
(
const
DWORD dump_mode)
std::string
pesieve::translate_out_filter
(
const
pesieve::t_output_filter
o_filter
)
std::string
pesieve::translate_data_mode
(
const
pesieve::t_data_scan_mode
&
mode
)
std::string
pesieve::translate_imprec_mode
(
const
pesieve::t_imprec_mode
imprec_mode)
std::string
pesieve::translate_dotnet_policy
(
const
pesieve::t_dotnet_policy
&
mode
)
std::string
pesieve::translate_iat_scan_mode
(
const
pesieve::t_iat_scan_mode
mode
)
std::string
pesieve::translate_json_level
(
const
pesieve::t_json_level
&
mode
)
std::string
pesieve::translate_shellc_mode
(
const
pesieve::t_shellc_mode
&
mode
)
std::string
pesieve::shellc_mode_mode_to_id
(
const
pesieve::t_shellc_mode
&
mode
)
std::string
pesieve::translate_obfusc_mode
(
const
pesieve::t_obfusc_mode
&
mode
)
std::string
pesieve::obfusc_mode_mode_to_id
(
const
pesieve::t_obfusc_mode
&
mode
)
std::string
pesieve::dump_mode_to_id
(
const
DWORD dump_mode)
std::string
pesieve::imprec_mode_to_id
(
const
pesieve::t_imprec_mode
imprec_mode)
Generated by
1.10.0