Replaces calls to Windows API functions (GetModuleHandleA) with a void pointer parameter.
Simplifies pattern scanning for loaded modules by removing Windows-specific code and replacing it with a generic approach.
Refactors the PE scanner implementation to group related definitions and functions within namespaces.
This improves code organization and readability, particularly for internal PE handling and scanning logic.
The included link to the `linux-pe` repository served as a reference during this refactoring.
Simplifies the PE pattern scanner by removing the redundant `extract_section_from_pe_file` function.
The extracted data is now returned directly from a new `ExtractedSection` struct within the main scanning function, streamlining the code and reducing duplication. This improves readability and maintainability of the PE scanner.
Simplifies NtHeaderVariant structure by removing redundant field declarations.
This improves code readability and reduces unnecessary code duplication.
Moves the `NtHeaderVariant` definition outside the unnamed namespace,
to avoid repetition and improve code consistency.
This change is part of the ongoing work on feature/hide_pe_defs.
Enables users to specify the target section name when scanning a PE file for a pattern.
This provides more flexibility in locating patterns within a PE file, as it's not limited to the ".text" section.
Simplifies PE header reading and validation logic, extracting common functionality into helper functions.
Introduces `get_nt_header_from_file` to handle both x86 and x64 PE headers.
Adds validation checks for both DOS and NT headers to ensure file integrity.
Improves code readability and maintainability by reducing redundancy in header parsing.
Relates to feature/pe_scanner
Simplifies pattern scanner logic by removing conditional compilation for non-Windows platforms.
The error handling previously thrown on non-Windows platforms was unnecessary as this functionality is not intended for those systems. This change streamlines the code and removes a misleading error message.
Updates the PE scanner implementation to support both 32-bit and 64-bit architectures.
Leverages `std::variant` and a generic `ImageNtHeaders` to abstract architecture-specific details.
Simplifies the logic for retrieving section data, generalizing the process for improved maintainability.
Initializes infrastructure for PE file scanning.
Adds data structures for PE headers (DOS, optional, section),
including user-defined types for section characteristics.
Refactors existing pattern scanning code to utilize new PE data structures.
Adds basic parsing of PE headers.
Defines `DosHeader` and `FileHeader` structures to represent PE file header information.
Includes definitions for `MachineId` enum and `FileCharacteristics` union.
These definitions are prerequisite for PE file parsing and analysis.
Adds functionality to extract a specific section from a PE file and scan for a given pattern within that section.
Introduces `extract_section_from_pe_file` to isolate a section, enabling more targeted pattern searches.
Overhauls `scan_for_pattern_in_file` to utilize extracted section data and improve accuracy.
