PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Loading...
Searching...
No Matches
Namespaces | Enumerations | Functions
process_privilege.h File Reference
#include <windows.h>

Go to the source code of this file.

Namespaces

namespace  pesieve
 
namespace  pesieve::util
 

Enumerations

enum  pesieve::util::process_integrity_t {
  pesieve::util::INTEGRITY_UNKNOWN = -1 , pesieve::util::INTEGRITY_LOW = 0 , pesieve::util::INTEGRITY_MEDIUM , pesieve::util::INTEGRITY_HIGH ,
  pesieve::util::INTEGRITY_SYSTEM
}
 

Functions

bool pesieve::util::set_debug_privilege ()
 
process_integrity_t pesieve::util::get_integrity_level (HANDLE hProcess)
 
bool pesieve::util::is_DEP_enabled (HANDLE hProcess)
 
Generated by doxygen 1.10.0