package
2.0.0+incompatible
Repository: https://github.com/rabbitstack/fibratus.git
Documentation: pkg.go.dev
# Functions
ParseBytes tries to parse the PE from the given byte slice and parser options.
ParseFile parses the PE given the file system path and parser options.
ParseFileWithConfig parses the PE given the file system path and the config which is usually read from the YAML file.
ParseMem parses the in-memory layout of the PE header for the specified process and base address.
WithCLR indicates if CLR (Common Language Runtime) header is parsed.
WithExcludedImages provides a list of image paths for which the parsing is skipped.
WithImphash indicates if the import hash (imphash) is calculated as part of PE parsing.
WithSectionEntropy indicates if entropy is calculated for available sections.
WithSectionMD5 indicates if MD5 hash is calculated for available sections.
WithSections indicates section header is parsed.
WithSecurity indicates if the security directory is parsed to extract signature information like certificates or Authenticode hashes.
WithSymbols indicates import directory is parsed for imported symbols.
WithVersionResources indicates if version resources are parsed from the resource directory.
# Variables
ErrEmptyVArea represents the error which is returned if the VA area couldn't be read.
MaxHeaderSize specifies the maximum size of the PE header.
MinHeaderSize denotes the minimal valid PE header size.
# Type aliases
Option represents the option type for the PE parser.