mirror-ac/user/km/kmanager.h

#ifndef KMANAGER_H
#define KMANAGER_H
#include <windows.h>

#include <memory>

#include "..\client.h"
#include "..\threadpool.h"
#include "driver.h"
namespace kernelmode {
/*
 * KManager owns a Driver instance (declared in driver.h) and exposes one
 * parameterless entry point per check. Only declarations live in this header;
 * what each check does is defined elsewhere, so the per-method notes below go
 * no further than the signatures and names allow.
 *
 * The std::unique_ptr member makes the class non-copyable.
 *
 * NOTE(review): every entry point returns VOID, so a caller cannot tell from
 * this interface whether a request succeeded, failed or was never serviced.
 * Confirm that the definitions surface failures some other way (presumably
 * through the report interface passed to the constructor) and do not drop
 * them silently.
 */
class KManager
{
private:
        // Exclusive ownership of the driver wrapper.
        std::unique_ptr<Driver> driver_interface;

        // Thread pool shared with whoever constructed this object.
        std::shared_ptr<global::ThreadPool> thread_pool;

        // Private helper; by its name it starts the thread that services an
        // I/O completion port -- confirm against the definition.
        VOID StartIoCompletionPortThread();

public:
        /*
         * DriverName      - wide-string name of the driver.
         * ThreadPool      - shared thread pool; the thread_pool member has the
         *                   same type.
         * ReportInterface - shared client object. No member of this class
         *                   stores it, so it is presumably handed on to Driver
         *                   -- TODO confirm in the definition.
         */
        KManager(LPCWSTR                             DriverName,
                 std::shared_ptr<global::ThreadPool> ThreadPool,
                 std::shared_ptr<global::Client>     ReportInterface);

        /*
         * Check entry points. Each takes no arguments and returns nothing.
         * The names suggest that each one asks the driver for one specific
         * integrity or detection routine; verify that against the definitions
         * before relying on it.
         */
        VOID RunNmiCallbacks();
        VOID VerifySystemModuleDriverObjects();
        VOID MonitorCallbackReports();
        VOID DetectSystemVirtualization();
        VOID EnumerateHandleTables();
        VOID RequestModuleExecutableRegionsForIntegrityCheck();
        VOID ScanPoolsForUnlinkedProcesses();
        VOID PerformIntegrityCheck();
        VOID CheckForAttachedThreads();
        VOID ValidateProcessModules();
        VOID SendClientHardwareInformation();
        VOID InitiateApcStackwalkOperation();
        VOID CheckForEptHooks();
        VOID StackwalkThreadsViaDpc();
        VOID ValidateSystemModules();
        VOID InsertIrpIntoIrpQueue();
};
}
#endif