forked from hasherezade/pe-sieve
-
Notifications
You must be signed in to change notification settings - Fork 1
/
pe_sieve.h
49 lines (39 loc) · 1.18 KB
/
pe_sieve.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
/**
* @file
* @brief The root of the PE-sieve scanner.
*/
#pragma once
#include <windows.h>
#include <iostream>
#include <stdexcept>
#include <pe_sieve_version.h>
#include <pe_sieve_types.h>
#include <pe_sieve_return_codes.h>
#include "scanners/scan_report.h"
#include "postprocessors/dump_report.h"
#include "postprocessors/report_formatter.h"
namespace pesieve {
//! The final report about the actions performed on the process: scanning and dumping
class ReportEx {
public:
ReportEx() :
scan_report(nullptr), dump_report(nullptr)
{
}
~ReportEx()
{
delete scan_report;
delete dump_report;
}
ProcessScanReport* scan_report; ///< the report aggregating the results of the performed scans
ProcessDumpReport* dump_report; ///< the report aggregating the results of the performed dumps
};
//! The string with the basic information about the scanner.
std::string info();
//! The main action performed by PE-sieve: scanning the process and dumping the detected material.
/**
\param args : the configuration of the scan (defined as t_params)
\return A pointer to the generated report (of type ReportEx)
*/
ReportEx* scan_and_dump(IN const pesieve::t_params args);
};