PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Namespaces | Enumerations | Functions
process_privilege.h File Reference
#include <windows.h>

Go to the source code of this file.

Namespaces

namespace  pesieve
namespace  pesieve::util

Enumerations

enum  pesieve::util::process_integrity_t {
  pesieve::util::INTEGRITY_UNKNOWN = -1 , pesieve::util::INTEGRITY_LOW = 0 , pesieve::util::INTEGRITY_MEDIUM , pesieve::util::INTEGRITY_HIGH ,
  pesieve::util::INTEGRITY_SYSTEM
}

Functions

bool pesieve::util::set_debug_privilege ()
process_integrity_t pesieve::util::get_integrity_level (HANDLE hProcess)
bool pesieve::util::is_DEP_enabled (HANDLE hProcess)
Generated by doxygen 1.16.1