 |
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
Loading...
Searching...
No Matches
|
PE-sieve
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
|
#include <windows.h>#include <iostream>#include <string>#include <map>Go to the source code of this file.
Classes | |
| struct | pesieve::SyscallTable |
Namespaces | |
| namespace | pesieve |
| namespace | pesieve::util |
Functions | |
| size_t | pesieve::util::extract_syscall_table (OUT std::map< DWORD, std::string > &syscallToName) |
1.12.0