PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
process_privilege.cpp File Reference
#include "process_privilege.h"
#include "process_util.h"
#include <iostream>

Namespaces

namespace  pesieve
 
namespace  pesieve::util
 

Functions

HMODULE pesieve::util::get_or_load_module (const char *name)
 
BOOL pesieve::util::set_privilege (HANDLE hToken, LPCTSTR Privilege, BOOL bEnablePrivilege)
 
BOOL pesieve::util::_get_process_DEP_policy (HANDLE processHandle, DWORD &flags, BOOL &is_permanent)
 
DEP_SYSTEM_POLICY_TYPE pesieve::util::_get_system_DEP_policy ()
 
pesieve::util::process_integrity_t translate_integrity_level (TOKEN_MANDATORY_LABEL *pTIL)
 

Function Documentation

translate_integrity_level()

pesieve::util::process_integrity_t translate_integrity_level (TOKEN_MANDATORY_LABEL *pTIL)

Definition at line 129 of file process_privilege.cpp.