Package vtrace :: Package tools :: Module win32stealth :: Class StealthPeb
[hide private]
[frames] | no frames]

Class StealthPeb

source code


Disables the "BeingDebugged" and "NtGlobalFlag" flags in the PEB. Also modifies heap flags that indicate debugging.

Instance Methods [hide private]
 
__init__(self) source code
 
isPatched(self) source code
 
writeBeingDebugged(self, trace, val) source code
 
writeProcessHeapFlags(self, trace, val) source code
 
writeNtGlobalFlag(self, trace, val) source code
 
enablePatch(self, trace) source code
 
disablePatch(self, trace) source code

Inherited from StealthBreak: getName, notify

Method Details [hide private]

__init__(self)
(Constructor)

source code 
Overrides: StealthBreak.__init__

isPatched(self)

source code 
Overrides: StealthBreak.isPatched

enablePatch(self, trace)

source code 
Overrides: StealthBreak.enablePatch

disablePatch(self, trace)

source code 
Overrides: StealthBreak.disablePatch