 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Loading...
Searching...
No Matches
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Go to the source code of this file.
Classes | |
| class | pesieve.t_output_filter |
| class | pesieve.t_shellc_mode |
| class | pesieve.t_obfusc_mode |
| class | pesieve.t_imprec_mode |
| class | pesieve.t_dump_mode |
| class | pesieve.t_iat_scan_mode |
| class | pesieve.t_dotnet_policy |
| class | pesieve.t_data_scan_mode |
| class | pesieve.t_json_level |
| class | pesieve.t_results_filter |
| class | pesieve.t_report_type |
| class | pesieve.PARAM_STRING |
| class | pesieve.t_params |
| class | pesieve.t_report |
Namespaces | |
| namespace | pesieve |
Functions | |
| pesieve.version_to_str (version_val) | |
| pesieve.init () | |
| pesieve.PESieve_help () | |
| t_report | pesieve.PESieve_scan (t_params params) |
| tuple[t_report, str, int] | pesieve.PESieve_scan_ex (t_params params, t_report_type rtype, int buf_size) |
| pesieve.PESieve_scan_ex_auto (t_params params, t_report_type rtype) | |
Variables | |
| int | pesieve.PESIEVE_MIN_VER = 0x040102 |
| int | pesieve.PESIEVE_MAX_VER = 0x040102 |
| int | pesieve.ERROR_SCAN_FAILURE = -1 |
| int | pesieve.MAX_PATH = 260 |
| pesieve.lib = None | |
| pesieve.PESieve_version = None | |
1.16.1