PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
pe_sieve_params_info.h File Reference
#include <iostream>
#include <pe_sieve_types.h>


Namespaces

namespace  pesieve
 

Functions

std::string pesieve::translate_dump_mode (const DWORD dump_mode)
 
std::string pesieve::translate_out_filter (const pesieve::t_output_filter o_filter)
 
std::string pesieve::translate_data_mode (const pesieve::t_data_scan_mode &mode)
 
std::string pesieve::translate_imprec_mode (const pesieve::t_imprec_mode imprec_mode)
 
std::string pesieve::translate_dotnet_policy (const pesieve::t_dotnet_policy &mode)
 
std::string pesieve::translate_iat_scan_mode (const pesieve::t_iat_scan_mode mode)
 
std::string pesieve::translate_json_level (const pesieve::t_json_level &mode)
 
std::string pesieve::translate_shellc_mode (const pesieve::t_shellc_mode &mode)
 
std::string pesieve::shellc_mode_mode_to_id (const pesieve::t_shellc_mode &mode)
 
std::string pesieve::translate_obfusc_mode (const pesieve::t_obfusc_mode &mode)
 
std::string pesieve::obfusc_mode_mode_to_id (const pesieve::t_obfusc_mode &mode)
 
std::string pesieve::dump_mode_to_id (const DWORD dump_mode)
 
std::string pesieve::imprec_mode_to_id (const pesieve::t_imprec_mode imprec_mode)