Package vtrace :: Package tools :: Module win32stealth :: Class StealthPeb
[hide private]
[frames] | no frames]

Class StealthPeb

source code

Disables the "BeingDebugged" and "NtGlobalFlag" flags in the PEB. Also modifies heap flags that indicate debugging.

Instance Methods [hide private]
__init__(self) source code
isPatched(self) source code
writeBeingDebugged(self, trace, val) source code
writeProcessHeapFlags(self, trace, val) source code
writeNtGlobalFlag(self, trace, val) source code
enablePatch(self, trace) source code
disablePatch(self, trace) source code

Inherited from StealthBreak: getName, notify

Method Details [hide private]


source code 
Overrides: StealthBreak.__init__


source code 
Overrides: StealthBreak.isPatched

enablePatch(self, trace)

source code 
Overrides: StealthBreak.enablePatch

disablePatch(self, trace)

source code 
Overrides: StealthBreak.disablePatch