libintrovirt v0.57.4
IntroVirt introspection library
ivprocinfo.cc File Reference
#include <introvirt/introvirt.hh>
#include <boost/algorithm/string.hpp>
#include <boost/program_options.hpp>
#include <iostream>
#include <set>
#include <string>
#include <vector>
Include dependency graph for ivprocinfo.cc:

Functions

void parse_program_options (int argc, char **argv, po::options_description &desc, po::variables_map &vm)
 
void print_process (const PROCESS &process)
 
void print_token (const PROCESS &process)
 
void getPEVersionData (const PE &pe, std::map< std::string, std::string > &result)
 
void print_peb (const PROCESS &process, bool WoW64Process)
 
void print_vad (const PROCESS &process)
 
void print_environment (const PROCESS &process)
 
void print_handles (const nt::NtKernel &kernel, const PROCESS &process)
 
void print_threads (const PROCESS &process)
 
int main (int argc, char **argv)
 

Function Documentation

◆ getPEVersionData()

void getPEVersionData ( const PE &  pe,
std::map< std::string, std::string > &  result 
)

Retrieves PE version data for the given PE instance.

Examples
ivprocinfo.cc.

◆ main()

int main ( int  argc,
char **  argv 
)

◆ parse_program_options()

void parse_program_options ( int  argc,
char **  argv,
po::options_description &  desc,
po::variables_map &  vm 
)

Parses the command-line options.

◆ print_environment()

void print_environment ( const PROCESS &  process)
Examples
ivprocinfo.cc.

◆ print_handles()

void print_handles ( const nt::NtKernel &  kernel,
const PROCESS &  process 
)
Examples
ivprocinfo.cc.

◆ print_peb()

void print_peb ( const PROCESS &  process,
bool  WoW64Process 
)
Examples
ivprocinfo.cc.

◆ print_process()

void print_process ( const PROCESS &  process)
Examples
ivprocinfo.cc.

◆ print_threads()

void print_threads ( const PROCESS &  process)
Examples
ivprocinfo.cc.

◆ print_token()

void print_token ( const PROCESS &  process)
Examples
ivprocinfo.cc.

◆ print_vad()

void print_vad ( const PROCESS &  process)
Examples
ivprocinfo.cc.