 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Loading...
Searching...
No Matches
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Go to the source code of this file.
Namespaces | |
| namespace | pesieve |
| namespace | pesieve::util |
Functions | |
| pesieve::util::BOOL (WINAPI *g_IsWow64Process)(IN HANDLE = nullptr | |
| HMODULE | pesieve::util::get_kernel32_hndl () |
Variables | |
| HMODULE | pesieve::util::g_kernel32Hndl = nullptr |
| OUT | pesieve::util::PBOOL = nullptr |
| IN OUT PWOW64_CONTEXT | pesieve::util::lpContext = nullptr |
1.12.0