PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
This is the complete list of members for pesieve::_ctx_details, including all inherited members.
_ctx_details(bool _is64b=false, ULONGLONG _rip=0, ULONGLONG _rsp=0, ULONGLONG _rbp=0, ULONGLONG _ret_addr=0) | pesieve::_ctx_details | inline |
init(bool _is64b=false, ULONGLONG _rip=0, ULONGLONG _rsp=0, ULONGLONG _rbp=0, ULONGLONG _ret_addr=0) | pesieve::_ctx_details | inline |
is64b | pesieve::_ctx_details | |
is_managed | pesieve::_ctx_details | |
is_ret_as_syscall | pesieve::_ctx_details | |
is_ret_in_frame | pesieve::_ctx_details | |
last_ret | pesieve::_ctx_details | |
rbp | pesieve::_ctx_details | |
ret_on_stack | pesieve::_ctx_details | |
rip | pesieve::_ctx_details | |
rsp | pesieve::_ctx_details | |
shcCandidates | pesieve::_ctx_details | |
stackFramesCount | pesieve::_ctx_details | |