├── .appveyor.yml ├── .github └── workflows │ └── main.yml ├── .gitignore ├── .gitmodules ├── CMakeLists.txt ├── Doxyfile ├── LICENSE ├── README.md ├── bindings ├── README.md └── python │ ├── demo.py │ └── pesieve.py ├── color_scheme.h ├── dll_main.cpp ├── include ├── pe_sieve_api.h ├── pe_sieve_return_codes.h └── pe_sieve_types.h ├── logo ├── 128X128.ico ├── 128X128.png ├── 16X16.ico ├── 24X24.ico ├── 32X32.ico ├── 48X48.ico ├── 64X64.ico ├── PE SIEVE-icon.png ├── PE-SIEVE.png ├── PE-SIEVE_small.png └── favicon.ico ├── main.cpp ├── main.def ├── mingw_build.sh ├── params.h ├── params_info ├── params_dump.cpp ├── params_dump.h ├── pe_sieve_params_info.cpp └── pe_sieve_params_info.h ├── pe-sieve.manifest ├── pe_sieve.cpp ├── pe_sieve.h ├── pe_sieve_api.cpp ├── pe_sieve_report.h ├── pe_sieve_res.rc ├── pe_sieve_res_icon.rc ├── pe_sieve_ver_short.h ├── postprocessors ├── dump_report.cpp ├── dump_report.h ├── imp_rec │ ├── iat_block.cpp │ ├── iat_block.h │ ├── iat_finder.h │ ├── imp_reconstructor.cpp │ ├── imp_reconstructor.h │ ├── import_table_finder.cpp │ └── import_table_finder.h ├── pe_buffer.cpp ├── pe_buffer.h ├── pe_reconstructor.cpp ├── pe_reconstructor.h ├── report_formatter.cpp ├── report_formatter.h ├── results_dumper.cpp └── results_dumper.h ├── resources.h ├── scanners ├── artefact_scanner.cpp ├── artefact_scanner.h ├── code_scanner.cpp ├── code_scanner.h ├── headers_scanner.cpp ├── headers_scanner.h ├── hook_targets_resolver.cpp ├── hook_targets_resolver.h ├── iat_scanner.cpp ├── iat_scanner.h ├── mapping_scanner.cpp ├── mapping_scanner.h ├── mempage_data.cpp ├── mempage_data.h ├── module_cache.cpp ├── module_cache.h ├── module_data.cpp ├── module_data.h ├── module_scan_report.h ├── module_scanner.h ├── patch_analyzer.cpp ├── patch_analyzer.h ├── patch_list.cpp ├── patch_list.h ├── pe_section.h ├── process_details.h ├── process_feature_scanner.h ├── scan_report.cpp ├── scan_report.h ├── scanned_modules.cpp ├── scanned_modules.h ├── scanner.cpp ├── scanner.h ├── thread_scanner.cpp ├── thread_scanner.h ├── workingset_scanner.cpp └── workingset_scanner.h ├── stats ├── entropy.h ├── entropy_stats.h ├── multi_stats.h ├── stats.h ├── stats_analyzer.cpp ├── stats_analyzer.h ├── stats_util.h └── std_dev_calc.h └── utils ├── artefacts_util.cpp ├── artefacts_util.h ├── byte_buffer.h ├── code_patterns.h ├── console_color.cpp ├── console_color.h ├── custom_buffer.h ├── custom_mutex.h ├── format_util.cpp ├── format_util.h ├── modules_enum.cpp ├── modules_enum.h ├── ntddk.h ├── path_converter.cpp ├── path_converter.h ├── path_util.cpp ├── path_util.h ├── process_minidump.cpp ├── process_minidump.h ├── process_privilege.cpp ├── process_privilege.h ├── process_reflection.cpp ├── process_reflection.h ├── process_symbols.h ├── process_util.cpp ├── process_util.h ├── strings_util.cpp ├── strings_util.h ├── syscall_extractor.cpp ├── syscall_extractor.h ├── threads_util.cpp ├── threads_util.h ├── workingset_enum.cpp └── workingset_enum.h /.appveyor.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/.appveyor.yml -------------------------------------------------------------------------------- /.github/workflows/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/.github/workflows/main.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/.gitignore -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/.gitmodules -------------------------------------------------------------------------------- /CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/CMakeLists.txt -------------------------------------------------------------------------------- /Doxyfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/Doxyfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/README.md -------------------------------------------------------------------------------- /bindings/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/bindings/README.md -------------------------------------------------------------------------------- /bindings/python/demo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/bindings/python/demo.py -------------------------------------------------------------------------------- /bindings/python/pesieve.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/bindings/python/pesieve.py -------------------------------------------------------------------------------- /color_scheme.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/color_scheme.h -------------------------------------------------------------------------------- /dll_main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/dll_main.cpp -------------------------------------------------------------------------------- /include/pe_sieve_api.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/include/pe_sieve_api.h -------------------------------------------------------------------------------- /include/pe_sieve_return_codes.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/include/pe_sieve_return_codes.h -------------------------------------------------------------------------------- /include/pe_sieve_types.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/include/pe_sieve_types.h -------------------------------------------------------------------------------- /logo/128X128.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/128X128.ico -------------------------------------------------------------------------------- /logo/128X128.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/128X128.png -------------------------------------------------------------------------------- /logo/16X16.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/16X16.ico -------------------------------------------------------------------------------- /logo/24X24.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/24X24.ico -------------------------------------------------------------------------------- /logo/32X32.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/32X32.ico -------------------------------------------------------------------------------- /logo/48X48.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/48X48.ico -------------------------------------------------------------------------------- /logo/64X64.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/64X64.ico -------------------------------------------------------------------------------- /logo/PE SIEVE-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/PE SIEVE-icon.png -------------------------------------------------------------------------------- /logo/PE-SIEVE.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/PE-SIEVE.png -------------------------------------------------------------------------------- /logo/PE-SIEVE_small.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/PE-SIEVE_small.png -------------------------------------------------------------------------------- /logo/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/logo/favicon.ico -------------------------------------------------------------------------------- /main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/main.cpp -------------------------------------------------------------------------------- /main.def: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/main.def -------------------------------------------------------------------------------- /mingw_build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/mingw_build.sh -------------------------------------------------------------------------------- /params.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/params.h -------------------------------------------------------------------------------- /params_info/params_dump.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/params_info/params_dump.cpp -------------------------------------------------------------------------------- /params_info/params_dump.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/params_info/params_dump.h -------------------------------------------------------------------------------- /params_info/pe_sieve_params_info.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/params_info/pe_sieve_params_info.cpp -------------------------------------------------------------------------------- /params_info/pe_sieve_params_info.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/params_info/pe_sieve_params_info.h -------------------------------------------------------------------------------- /pe-sieve.manifest: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe-sieve.manifest -------------------------------------------------------------------------------- /pe_sieve.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe_sieve.cpp -------------------------------------------------------------------------------- /pe_sieve.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe_sieve.h -------------------------------------------------------------------------------- /pe_sieve_api.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe_sieve_api.cpp -------------------------------------------------------------------------------- /pe_sieve_report.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe_sieve_report.h -------------------------------------------------------------------------------- /pe_sieve_res.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe_sieve_res.rc -------------------------------------------------------------------------------- /pe_sieve_res_icon.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe_sieve_res_icon.rc -------------------------------------------------------------------------------- /pe_sieve_ver_short.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/pe_sieve_ver_short.h -------------------------------------------------------------------------------- /postprocessors/dump_report.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/dump_report.cpp -------------------------------------------------------------------------------- /postprocessors/dump_report.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/dump_report.h -------------------------------------------------------------------------------- /postprocessors/imp_rec/iat_block.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/imp_rec/iat_block.cpp -------------------------------------------------------------------------------- /postprocessors/imp_rec/iat_block.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/imp_rec/iat_block.h -------------------------------------------------------------------------------- /postprocessors/imp_rec/iat_finder.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/imp_rec/iat_finder.h -------------------------------------------------------------------------------- /postprocessors/imp_rec/imp_reconstructor.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/imp_rec/imp_reconstructor.cpp -------------------------------------------------------------------------------- /postprocessors/imp_rec/imp_reconstructor.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/imp_rec/imp_reconstructor.h -------------------------------------------------------------------------------- /postprocessors/imp_rec/import_table_finder.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/imp_rec/import_table_finder.cpp -------------------------------------------------------------------------------- /postprocessors/imp_rec/import_table_finder.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/imp_rec/import_table_finder.h -------------------------------------------------------------------------------- /postprocessors/pe_buffer.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/pe_buffer.cpp -------------------------------------------------------------------------------- /postprocessors/pe_buffer.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/pe_buffer.h -------------------------------------------------------------------------------- /postprocessors/pe_reconstructor.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/pe_reconstructor.cpp -------------------------------------------------------------------------------- /postprocessors/pe_reconstructor.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/pe_reconstructor.h -------------------------------------------------------------------------------- /postprocessors/report_formatter.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/report_formatter.cpp -------------------------------------------------------------------------------- /postprocessors/report_formatter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/report_formatter.h -------------------------------------------------------------------------------- /postprocessors/results_dumper.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/results_dumper.cpp -------------------------------------------------------------------------------- /postprocessors/results_dumper.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/postprocessors/results_dumper.h -------------------------------------------------------------------------------- /resources.h: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /scanners/artefact_scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/artefact_scanner.cpp -------------------------------------------------------------------------------- /scanners/artefact_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/artefact_scanner.h -------------------------------------------------------------------------------- /scanners/code_scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/code_scanner.cpp -------------------------------------------------------------------------------- /scanners/code_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/code_scanner.h -------------------------------------------------------------------------------- /scanners/headers_scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/headers_scanner.cpp -------------------------------------------------------------------------------- /scanners/headers_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/headers_scanner.h -------------------------------------------------------------------------------- /scanners/hook_targets_resolver.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/hook_targets_resolver.cpp -------------------------------------------------------------------------------- /scanners/hook_targets_resolver.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/hook_targets_resolver.h -------------------------------------------------------------------------------- /scanners/iat_scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/iat_scanner.cpp -------------------------------------------------------------------------------- /scanners/iat_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/iat_scanner.h -------------------------------------------------------------------------------- /scanners/mapping_scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/mapping_scanner.cpp -------------------------------------------------------------------------------- /scanners/mapping_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/mapping_scanner.h -------------------------------------------------------------------------------- /scanners/mempage_data.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/mempage_data.cpp -------------------------------------------------------------------------------- /scanners/mempage_data.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/mempage_data.h -------------------------------------------------------------------------------- /scanners/module_cache.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/module_cache.cpp -------------------------------------------------------------------------------- /scanners/module_cache.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/module_cache.h -------------------------------------------------------------------------------- /scanners/module_data.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/module_data.cpp -------------------------------------------------------------------------------- /scanners/module_data.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/module_data.h -------------------------------------------------------------------------------- /scanners/module_scan_report.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/module_scan_report.h -------------------------------------------------------------------------------- /scanners/module_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/module_scanner.h -------------------------------------------------------------------------------- /scanners/patch_analyzer.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/patch_analyzer.cpp -------------------------------------------------------------------------------- /scanners/patch_analyzer.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/patch_analyzer.h -------------------------------------------------------------------------------- /scanners/patch_list.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/patch_list.cpp -------------------------------------------------------------------------------- /scanners/patch_list.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/patch_list.h -------------------------------------------------------------------------------- /scanners/pe_section.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/pe_section.h -------------------------------------------------------------------------------- /scanners/process_details.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/process_details.h -------------------------------------------------------------------------------- /scanners/process_feature_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/process_feature_scanner.h -------------------------------------------------------------------------------- /scanners/scan_report.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/scan_report.cpp -------------------------------------------------------------------------------- /scanners/scan_report.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/scan_report.h -------------------------------------------------------------------------------- /scanners/scanned_modules.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/scanned_modules.cpp -------------------------------------------------------------------------------- /scanners/scanned_modules.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/scanned_modules.h -------------------------------------------------------------------------------- /scanners/scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/scanner.cpp -------------------------------------------------------------------------------- /scanners/scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/scanner.h -------------------------------------------------------------------------------- /scanners/thread_scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/thread_scanner.cpp -------------------------------------------------------------------------------- /scanners/thread_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/thread_scanner.h -------------------------------------------------------------------------------- /scanners/workingset_scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/workingset_scanner.cpp -------------------------------------------------------------------------------- /scanners/workingset_scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/scanners/workingset_scanner.h -------------------------------------------------------------------------------- /stats/entropy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/entropy.h -------------------------------------------------------------------------------- /stats/entropy_stats.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/entropy_stats.h -------------------------------------------------------------------------------- /stats/multi_stats.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/multi_stats.h -------------------------------------------------------------------------------- /stats/stats.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/stats.h -------------------------------------------------------------------------------- /stats/stats_analyzer.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/stats_analyzer.cpp -------------------------------------------------------------------------------- /stats/stats_analyzer.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/stats_analyzer.h -------------------------------------------------------------------------------- /stats/stats_util.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/stats_util.h -------------------------------------------------------------------------------- /stats/std_dev_calc.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/stats/std_dev_calc.h -------------------------------------------------------------------------------- /utils/artefacts_util.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/artefacts_util.cpp -------------------------------------------------------------------------------- /utils/artefacts_util.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/artefacts_util.h -------------------------------------------------------------------------------- /utils/byte_buffer.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/byte_buffer.h -------------------------------------------------------------------------------- /utils/code_patterns.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/code_patterns.h -------------------------------------------------------------------------------- /utils/console_color.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/console_color.cpp -------------------------------------------------------------------------------- /utils/console_color.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/console_color.h -------------------------------------------------------------------------------- /utils/custom_buffer.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/custom_buffer.h -------------------------------------------------------------------------------- /utils/custom_mutex.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/custom_mutex.h -------------------------------------------------------------------------------- /utils/format_util.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/format_util.cpp -------------------------------------------------------------------------------- /utils/format_util.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/format_util.h -------------------------------------------------------------------------------- /utils/modules_enum.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/modules_enum.cpp -------------------------------------------------------------------------------- /utils/modules_enum.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/modules_enum.h -------------------------------------------------------------------------------- /utils/ntddk.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/ntddk.h -------------------------------------------------------------------------------- /utils/path_converter.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/path_converter.cpp -------------------------------------------------------------------------------- /utils/path_converter.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/path_converter.h -------------------------------------------------------------------------------- /utils/path_util.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/path_util.cpp -------------------------------------------------------------------------------- /utils/path_util.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/path_util.h -------------------------------------------------------------------------------- /utils/process_minidump.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_minidump.cpp -------------------------------------------------------------------------------- /utils/process_minidump.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_minidump.h -------------------------------------------------------------------------------- /utils/process_privilege.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_privilege.cpp -------------------------------------------------------------------------------- /utils/process_privilege.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_privilege.h -------------------------------------------------------------------------------- /utils/process_reflection.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_reflection.cpp -------------------------------------------------------------------------------- /utils/process_reflection.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_reflection.h -------------------------------------------------------------------------------- /utils/process_symbols.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_symbols.h -------------------------------------------------------------------------------- /utils/process_util.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_util.cpp -------------------------------------------------------------------------------- /utils/process_util.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/process_util.h -------------------------------------------------------------------------------- /utils/strings_util.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/strings_util.cpp -------------------------------------------------------------------------------- /utils/strings_util.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/strings_util.h -------------------------------------------------------------------------------- /utils/syscall_extractor.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/syscall_extractor.cpp -------------------------------------------------------------------------------- /utils/syscall_extractor.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/syscall_extractor.h -------------------------------------------------------------------------------- /utils/threads_util.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/threads_util.cpp -------------------------------------------------------------------------------- /utils/threads_util.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/threads_util.h -------------------------------------------------------------------------------- /utils/workingset_enum.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/workingset_enum.cpp -------------------------------------------------------------------------------- /utils/workingset_enum.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hasherezade/pe-sieve/HEAD/utils/workingset_enum.h --------------------------------------------------------------------------------