PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
pe_sieve_report.h
Go to the documentation of this file.
1
5
6#pragma once
7
8#include <windows.h>
9#include <iostream>
10
11#include "scanners/scan_report.h"
12#include "postprocessors/dump_report.h"
13
14namespace pesieve {
15
16 class ErrorReport
17 {
18 public:
19 ErrorReport(DWORD _pid, const std::string &_message)
20 : pid(_pid), message(_message)
21 {
22 }
23
24 const DWORD pid;
25 const std::string message;
26 };
27
29 class ReportEx {
30 public:
31 ReportEx() :
32 scan_report(nullptr), dump_report(nullptr), error_report(nullptr)
33 {
34 }
35
36 ~ReportEx()
37 {
38 delete scan_report;
39 delete dump_report;
40 delete error_report;
41 }
42
43 ProcessScanReport* scan_report;
44 ProcessDumpReport* dump_report;
45 ErrorReport* error_report;
46 };
47
48};
pesieve::ErrorReport::ErrorReport
ErrorReport(DWORD _pid, const std::string &_message)
Definition pe_sieve_report.h:19
pesieve::ErrorReport::message
const std::string message
Definition pe_sieve_report.h:25
pesieve::ProcessDumpReport
The report aggregating the results of the performed dumps.
Definition dump_report.h:49
pesieve::ProcessScanReport
The report aggregating the results of the performed scan.
Definition scan_report.h:19
pesieve::ReportEx::scan_report
ProcessScanReport * scan_report
the report aggregating the results of the performed scans
Definition pe_sieve_report.h:43
pesieve::ReportEx::dump_report
ProcessDumpReport * dump_report
the report aggregating the results of the performed dumps
Definition pe_sieve_report.h:44
pesieve::ReportEx::error_report
ErrorReport * error_report
the report detailing on possible errors that prevented the scan
Definition pe_sieve_report.h:45
dump_report.h
scan_report.h
Generated by doxygen 1.13.2