25 #ifndef _DOCA_APSH_ATTR__H_
26 #define _DOCA_APSH_ATTR__H_
uint64_t DOCA_APSH_PROCESS_LINUX_STATE_TYPE
process state type
int DOCA_APSH_VADS_LIMIT_TYPE
limit of vads number
int DOCA_APSH_ATTESTATION_PAGES_PRESENT_TYPE
attestation pages present type
uint32_t DOCA_APSH_LINUX_INTERFACE_NAMESPACE_TYPE
linux namespace
const char * DOCA_APSH_PRIVILEGES_NAME_TYPE
privilege name type
int DOCA_APSH_THREADS_LIMIT_TYPE
limit of threads number
unsigned char * DOCA_APSH_LINUX_INTERFACE_IPV4_PREFIX_LEN_ARR_TYPE
linux inteface IPV4 prefix len
uint32_t * DOCA_APSH_LINUX_INTERFACE_IPV6_PREFIX_LEN_ARR_TYPE
linux IPV6 prefix len
uint8_t DOCA_APSH_THREAD_WINDOWS_SUSPEND_COUNT_TYPE
thread suspend count type
const char * DOCA_APSH_LIB_WINDOWS_DLL_NAME_TYPE
lib dll name type
const char * DOCA_APSH_NETSCAN_LINUX_TYPE_TYPE
netscan linux connection Type
char ** DOCA_APSH_LINUX_INTERFACE_MAC_ARR_TYPE
linux interface mac address array
doca_apsh_proc_file_details_attr
doca app shield process file details attributes
uint32_t DOCA_APSH_PROCESS_SID_PID_TYPE
SID process id.
uint64_t DOCA_APSH_PROCESS_CPU_TIME_TYPE
process cpu time type
uint32_t DOCA_APSH_LIB_PID_TYPE
lib pid type
uint64_t DOCA_APSH_ENVARS_WINDOWS_BLOCK_TYPE
envars windows block address type
uint32_t DOCA_APSH_PROCESS_WINDOWS_THREADS_TYPE
process threads type
uint64_t DOCA_APSH_HANDLE_VALUE_TYPE
handle value type
char * DOCA_APSH_OS_SYMBOL_MAP_TYPE
os symbol map path
enum doca_apsh_system_os DOCA_APSH_OS_TYPE_TYPE
os type
doca_apsh_interface_attr
doca app shield interface attributes
uint32_t DOCA_APSH_SCAN_WIN_SIZE_TYPE
yara scan window size
const char * DOCA_APSH_PROCESS_PARAMETERS_CMD_LINE_TYPE
process-parameters command line
uint32_t DOCA_APSH_ATTESTATION_PID_TYPE
attestation pid type
const char * DOCA_APSH_ENVARS_VARIABLE_TYPE
envars variable type
uint32_t DOCA_APSH_PROCESS_SID_ATTRIBUTES_TYPE
SID attributes flag.
doca_apsh_envar_attr
doca app shield envars attributes
uint32_t DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_IN_TYPE
netscan linux connection TCP segments in
int DOCA_APSH_LIBS_LIMIT_TYPE
limit of libs number
const char * DOCA_APSH_INJECTION_DETECT_VAD_TAG_TYPE
injection detect VAD pool tag type
const char * DOCA_APSH_ATTESTATION_PROTECTION_TYPE
attestation protection type
uint64_t DOCA_APSH_PROCESS_WINDOWS_OFFSET_TYPE
process offset type
bool DOCA_APSH_ATTESTATION_HASH_DATA_IS_PRESENT_TYPE
attestation hash data is present type
const char * DOCA_APSH_NETSCAN_LOCAL_ADDR_TYPE
netscan connection local address
uint64_t DOCA_APSH_HANDLE_ACCESS_TYPE
handle access type
const char * DOCA_APSH_PROCESS_FILE_DETAILS_PATH_TYPE
process file details path type
uint32_t DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR_SIZE_TYPE
netscan linux interface IPV4 array size
doca_apsh_privilege_attr
doca app shield privileges attributes windows privilege list can be found on: https://docs....
doca_apsh_lib_attr
doca app shield lib attributes
uint32_t DOCA_APSH_PROCESS_LINUX_NS_NET_TYPE
process network namespace type
uint64_t DOCA_APSH_ATTESTATION_START_ADDRESS_TYPE
attestation start address type
const char * DOCA_APSH_HANDLE_NAME_TYPE
handle name type
uint32_t DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR_SIZE_TYPE
netscan linux interface MAC array size
doca_apsh_handle_attr
doca app shield handle attributes
bool DOCA_APSH_PRIVILEGES_WINDOWS_PRESENT_TYPE
privilege windows present type
char ** DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR_TYPE
netscan interface IPV4 array
char ** DOCA_APSH_LINUX_INTERFACE_IPV6_ARR_TYPE
linux interface IPV6
int DOCA_APSH_HASHTEST_LIMIT_TYPE
limit of vm areas to attest
doca_apsh_netscan_attr
doca app shield netscan attributes
uint32_t DOCA_APSH_LINUX_INTERFACE_IPV4_ARR_SIZE_TYPE
linux IPV4 adrress array size
doca_apsh_ldrmodule_attr
doca app shield LDR-Modules attributes
uint32_t DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_OUT_TYPE
netscan linux connection TCP segments out
doca_apsh_injection_detect_attr
doca app shield injection detect attributes
doca_apsh_vad_attr
doca app shield virtual address descriptor attributes
doca_apsh_system_config_attr
doca app shield configuration attributes
bool DOCA_APSH_LDRMODULE_WINDOWS_INLOAD_TYPE
ldrmodule inload type
const char * DOCA_APSH_MODULES_NAME_TYPE
module name type
const char * DOCA_APSH_NETSCAN_COMM_TYPE
netscan process name
uint64_t DOCA_APSH_VMA_OFFSET_TYPE
vma offset type
const char * DOCA_APSH_NETSCAN_LINUX_FAMILY_TYPE
netscan linux connection Family
uint64_t DOCA_APSH_PROCESS_WINDOWS_EXIT_TIME_TYPE
process exit time type
const char * DOCA_APSH_NETSCAN_PROTOCOL_TYPE
netscan connection protocol
const char * DOCA_APSH_LDRMODULE_LIBRARY_PATH_TYPE
ldrmodule library path type
bool DOCA_APSH_PRIVILEGES_IS_ON_TYPE
privilege is on type
uint32_t DOCA_APSH_SCAN_WIN_STEP_TYPE
yara scan window step
const char * DOCA_APSH_CONTAINER_ID_TYPE
container id type
doca_apsh_attestation_attr
doca app shield attestation attributes
const char * DOCA_APSH_YARA_RULE_TYPE
rule name
uint64_t DOCA_APSH_PROCESS_PARAMETERS_IMAGE_BASE_ADDR_TYPE
process-parameters image base address
struct doca_dev_rep * DOCA_APSH_VHCA_ID_TYPE
vhca id
uint32_t DOCA_APSH_LDRMODULE_PID_TYPE
ldrmodule pid type
char * DOCA_APSH_MEM_REGION_TYPE
memory region path
uint64_t DOCA_APSH_YARA_MATCH_WINDOW_LEN_TYPE
length of the scan window of the match
uint64_t DOCA_APSH_NETSCAN_LINUX_SOCKET_OFFSET_TYPE
netscan linux connection socket offset
bool DOCA_APSH_LDRMODULE_WINDOWS_ININIT_TYPE
ldrmodule ininit type
uint32_t DOCA_APSH_NETSCAN_LINUX_FD_TYPE
netscan linux connection file descriptor
uint64_t DOCA_APSH_VMA_VM_START_TYPE
vma vm start type
const char * DOCA_APSH_PROCESS_COMM_TYPE
process comm type
const char * DOCA_APSH_NETSCAN_LINUX_FILTER_TYPE
netscan linux connection filter
char * DOCA_APSH_KPGD_FILE_TYPE
kpgd file path
uint64_t DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_START_TYPE
injection detect suspected area start type
char * DOCA_APSH_OS_SYMBOL_MAP_FOLDER_TYPE
os symbol map folder path
int DOCA_APSH_ATTESTATION_MATCHING_HASHES_TYPE
attestation matching hashes type
uint64_t DOCA_APSH_LIB_LOAD_ADRESS_TYPE
lib load address for both Windows and Linux
char * DOCA_APSH_NETSCAN_LINUX_INTERFACE_NAME_TYPE
netscan linux interface name
uint32_t DOCA_APSH_PROCESS_PARAMETERS_PID_TYPE
process-parameters pid
uint64_t DOCA_APSH_THREAD_STATE_TYPE
thread state type
char ** DOCA_APSH_LINUX_INTERFACE_IPV4_ARR_TYPE
linux interface IPV4
const char * DOCA_APSH_VMA_FILE_PATH_TYPE
vma file path type
char ** DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR_TYPE
netscan linux interface MAC array
doca_apsh_process_parameters_attr
doca app shield process-parameters attributes
uint32_t DOCA_APSH_PROCESS_LINUX_GID_TYPE
process gid type
const char * DOCA_APSH_ENVARS_VALUE_TYPE
envars value type
uint64_t DOCA_APSH_YARA_MATCH_WINDOW_ADDR_TYPE
virtual address of the scan window of the match
uint32_t DOCA_APSH_LIB_WINDOWS_SIZE_OF_IMAGE_TYPE
lib size of image type
uint32_t DOCA_APSH_THREAD_PID_TYPE
thread pid type
doca_apsh_yara_rule
available doca app shield yara rules
uint32_t DOCA_APSH_PROCESS_LINUX_NS_PID_TYPE
process PID namespace type
uint64_t DOCA_APSH_PROCESS_FILE_DETAILS_SIZE_TYPE
process file details file size type
const char * DOCA_APSH_ATTESTATION_PATH_OF_MEMORY_AREA_TYPE
attestation path of memory area type
uint32_t DOCA_APSH_PROCESS_PPID_TYPE
process pid type
const char * DOCA_APSH_NETSCAN_WINDOWS_TIME_TYPE
netscan windows connection creation time
const char * DOCA_APSH_LIB_LIBRARY_PATH_TYPE
lib loaded library path type
uint32_t DOCA_APSH_MODULES_SIZE_TYPE
module size type
uint64_t DOCA_APSH_NETSCAN_REMOTE_PORT_TYPE
netscan connection remote port
uint32_t DOCA_APSH_LDRMODULE_WINDOWS_SIZE_OF_IMAGE_TYPE
ldrmodule size of image type
uint64_t DOCA_APSH_THREAD_WINDOWS_OFFSET_TYPE
thread offset type
uint32_t DOCA_APSH_YARA_PID_TYPE
pid of the process
uint32_t DOCA_APSH_PROCESS_LINUX_NS_MNT_TYPE
process mount namespace type
const char * DOCA_APSH_PROCESS_FILE_DETAILS_ELF_TYPE_TYPE
process file details elf type type
uint32_t DOCA_APSH_PROCESS_PID_TYPE
process pid type
uint64_t DOCA_APSH_MODULES_OFFSET_TYPE
module offset type
const char * DOCA_APSH_NETSCAN_STATE_TYPE
netscan connection state
int DOCA_APSH_MODULES_LIMIT_TYPE
limit of modules number
const char * DOCA_APSH_INJECTION_DETECT_VAD_PROTECTION_TYPE
injection detect VAD protection type
doca_apsh_sid_attr
doca app shield SID (security identifiers) attributes
uint32_t DOCA_APSH_NETSCAN_PID_TYPE
netscan process id
uint32_t DOCA_APSH_THREAD_TID_TYPE
thread tid type
const char * DOCA_APSH_VMA_WINDOWS_TAG_TYPE
vma tag type
doca_apsh_yara_scan_type
doca app shield yara scan type bitmask
int DOCA_APSH_ATTESTATION_PAGES_NUMBER_TYPE
attestation pages number type
uint32_t DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR_SIZE_TYPE
netscan linux interface IPV6 array size
int DOCA_APSH_FILESIZE_LIMIT_TYPE
limit of parsed files size
uint64_t DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_SENT_TYPE
netscan linux connection TCP sent bytes
uint64_t DOCA_APSH_INJECTION_DETECT_VAD_START_TYPE
injection detect VAD start address type
uint64_t DOCA_APSH_NETSCAN_LOCAL_PORT_TYPE
netscan connection local port
uint32_t DOCA_APSH_ENVARS_PID_TYPE
envars pid type
uint32_t DOCA_APSH_VMA_WINDOWS_PRIVATE_MEMORY_TYPE
vma private memory type
const char * DOCA_APSH_LDRMODULE_WINDOWS_DLL_NAME_TYPE
ldrmodule windows dll name type
const char * DOCA_APSH_NETSCAN_TIME_TYPE
netscan windows connection creation time - depricated
bool DOCA_APSH_LDRMODULE_WINDOWS_INMEM_TYPE
ldrmodule inmem type
const char * DOCA_APSH_NETSCAN_REMOTE_ADDR_TYPE
netscan connection remote address
uint32_t DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_IN_TYPE
netscan linux connection TCP data segments in
doca_apsh_module_attr
doca app shield module attributes
uint64_t DOCA_APSH_HANDLE_TABLE_ENTRY_TYPE
handle table entry type
uint64_t DOCA_APSH_LIB_LINUX_LOAD_ADRESS_TYPE
lib load address for Linux
uint64_t DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_ACKED_TYPE
netscan linux connection TCP acknowledged bytes
int DOCA_APSH_PROCESS_LIMIT_TYPE
limit of processes number
uint32_t DOCA_APSH_PROCESS_FILE_DETAILS_PID_TYPE
process file details pid type
uint64_t DOCA_APSH_INJECTION_DETECT_VAD_END_TYPE
injection detect VAD end address type
uint32_t DOCA_APSH_INJECTION_DETECT_PID_TYPE
injection detect pid type
const char * DOCA_APSH_YARA_COMM_TYPE
name of the process
int DOCA_APSH_STRING_LIMIT_TYPE
length limit of apsh_read_str
uint64_t DOCA_APSH_LDRMODULE_BASE_ADDRESS_TYPE
ldrmodule base address type
const char * DOCA_APSH_PROCESS_FILE_DETAILS_SHA256_TYPE
process file details sha256 type
uint64_t DOCA_APSH_PROCESS_FILE_DETAILS_INODE_ADDRESS_TYPE
process file details inode address type
uint64_t DOCA_APSH_VMA_VM_END_TYPE
vma vm end type
int DOCA_APSH_WINDOWS_ENVARS_LIMIT_TYPE
length limit of envars for windows
const char * DOCA_APSH_LINUX_INTERFACE_NAME_TYPE
linux interface name
uint64_t DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_RECEIVED_TYPE
netscan linux connection TCP received bytes
bool DOCA_APSH_PRIVILEGES_WINDOWS_DEFAULT_TYPE
privilege windows enabled by default type
const char * DOCA_APSH_PROCESS_PARAMETERS_IMAGE_FULL_PATH_TYPE
process-parameters image full path
bool DOCA_APSH_PRIVILEGES_WINDOWS_ENABLED_TYPE
privilege windows enabled type
doca_apsh_yara_attr
doca app shield yara attributes
uint32_t DOCA_APSH_NETSCAN_LINUX_NET_NAMESPACE_TYPE
netscan linux connection net namespace
const char * DOCA_APSH_ATTESTATION_COMM_TYPE
attestation comm type
uint8_t DOCA_APSH_THREAD_WINDOWS_WAIT_REASON_TYPE
thread wait reason type
doca_apsh_thread_attr
doca app shield thread attributes
uint64_t DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_END_TYPE
injection detect suspected area end type
const char * DOCA_APSH_VMA_PROTECTION_TYPE
vma protection type
const char * DOCA_APSH_PROCESS_FILE_DETAILS_SHA1_TYPE
process file details sha1 type
const char * DOCA_APSH_HANDLE_TYPE_TYPE
handle type type
uint32_t DOCA_APSH_VMA_WINDOWS_COMMIT_CHARGE_TYPE
vma commit charge type
const char * DOCA_APSH_THREAD_LINUX_PROC_NAME_TYPE
thread proc name type
uint64_t DOCA_APSH_ATTESTATION_END_ADDRESS_TYPE
attestation end address type
const char * DOCA_APSH_PROCESS_SID_STRING_TYPE
SID strings.
uint32_t DOCA_APSH_LINUX_INTERFACE_IPV6_ARR_SIZE_TYPE
linux IPV6 adrress array size
uint32_t DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_OUT_TYPE
netscan linux connection TCP data segments out
const char * DOCA_APSH_INJECTION_DETECT_VAD_FILE_PATH_TYPE
injection detect VAD file path type
doca_apsh_container_attr
doca app shield process attributes
uint64_t DOCA_APSH_PROCESS_FILE_DETAILS_INODE_TYPE
process file details inode number type
doca_apsh_system_os
system os types
uint32_t DOCA_APSH_VMA_PID_TYPE
vma pid type
char ** DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR_TYPE
netscan linux interface IPV6 array
uint32_t DOCA_APSH_PRIVILEGES_PID_TYPE
privilege process pid
const char * DOCA_APSH_VMA_PROCESS_NAME_TYPE
vma file path type
uint32_t DOCA_APSH_HANDLE_PID_TYPE
handle pid type
uint32_t DOCA_APSH_PROCESS_LINUX_UID_TYPE
process uid type
struct doca_dev * DOCA_APSH_DMA_DEV_TYPE
dma dev name
uint32_t DOCA_APSH_LINUX_INTERFACE_MAC_ARR_SIZE_TYPE
linux interface mac address array size
doca_apsh_process_attr
doca app shield process attributes
const char * DOCA_APSH_THREAD_LINUX_THREAD_NAME_TYPE
thread thread name type
@ DOCA_APSH_PROCESS_FILE_DETAILS_SIZE
@ DOCA_APSH_PROCESS_FILE_DETAILS_SHA256
@ DOCA_APSH_PROCESS_FILE_DETAILS_PID
@ DOCA_APSH_PROCESS_FILE_DETAILS_SHA1
@ DOCA_APSH_PROCESS_FILE_DETAILS_ELF_TYPE
@ DOCA_APSH_PROCESS_FILE_DETAILS_INODE_ADDRESS
@ DOCA_APSH_PROCESS_FILE_DETAILS_PATH
@ DOCA_APSH_PROCESS_FILE_DETAILS_INODE
@ DOCA_APSH_LINUX_INTERFACE_IPV6_PREFIX_LEN_ARR
@ DOCA_APSH_LINUX_INTERFACE_IPV4_ARR
@ DOCA_APSH_LINUX_INTERFACE_IPV6_ARR
@ DOCA_APSH_LINUX_INTERFACE_MAC_ARR_SIZE
@ DOCA_APSH_LINUX_INTERFACE_MAC_ARR
@ DOCA_APSH_LINUX_INTERFACE_IPV4_ARR_SIZE
@ DOCA_APSH_LINUX_INTERFACE_NAME
@ DOCA_APSH_LINUX_INTERFACE_NAMESPACE
@ DOCA_APSH_LINUX_INTERFACE_IPV6_ARR_SIZE
@ DOCA_APSH_LINUX_INTERFACE_IPV4_PREFIX_LEN_ARR
@ DOCA_APSH_ENVARS_VARIABLE
@ DOCA_APSH_ENVARS_WINDOWS_BLOCK
@ DOCA_APSH_PRIVILEGES_IS_ON
@ DOCA_APSH_PRIVILEGES_WINDOWS_ENABLED
@ DOCA_APSH_PRIVILEGES_WINDOWS_PRESENT
@ DOCA_APSH_PRIVILEGES_PID
@ DOCA_APSH_PRIVILEGES_NAME
@ DOCA_APSH_PRIVILEGES_WINDOWS_DEFAULT
@ DOCA_APSH_LIB_LINUX_LOAD_ADRESS
@ DOCA_APSH_LIB_WINDOWS_SIZE_OF_IMAGE
@ DOCA_APSH_LIB_LOAD_ADRESS
@ DOCA_APSH_LIB_LIBRARY_PATH
@ DOCA_APSH_LIB_WINDOWS_DLL_NAME
@ DOCA_APSH_HANDLE_TABLE_ENTRY
@ DOCA_APSH_HANDLE_ACCESS
@ DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_IN
@ DOCA_APSH_NETSCAN_WINDOWS_TIME
@ DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_ACKED
@ DOCA_APSH_NETSCAN_REMOTE_PORT
@ DOCA_APSH_NETSCAN_STATE
@ DOCA_APSH_NETSCAN_LINUX_SOCKET_OFFSET
@ DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_SENT
@ DOCA_APSH_NETSCAN_LINUX_TCP_DATA_SEGS_OUT
@ DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR_SIZE
@ DOCA_APSH_NETSCAN_LINUX_FD
@ DOCA_APSH_NETSCAN_LINUX_TCP_BYTES_RECEIVED
@ DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR_SIZE
@ DOCA_APSH_NETSCAN_LINUX_FILTER
@ DOCA_APSH_NETSCAN_LINUX_INTERFACE_NAME
@ DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV4_ARR
@ DOCA_APSH_NETSCAN_LINUX_INTERFACE_MAC_ARR
@ DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR
@ DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_IN
@ DOCA_APSH_NETSCAN_LINUX_INTERFACE_IPV6_ARR_SIZE
@ DOCA_APSH_NETSCAN_PROTOCOL
@ DOCA_APSH_NETSCAN_REMOTE_ADDR
@ DOCA_APSH_NETSCAN_LOCAL_PORT
@ DOCA_APSH_NETSCAN_LINUX_TYPE
@ DOCA_APSH_NETSCAN_LINUX_NET_NAMESPACE
@ DOCA_APSH_NETSCAN_LINUX_FAMILY
@ DOCA_APSH_NETSCAN_LINUX_TCP_SEGS_OUT
@ DOCA_APSH_NETSCAN_LOCAL_ADDR
@ DOCA_APSH_LDRMODULE_WINDOWS_DLL_NAME
@ DOCA_APSH_LDRMODULE_WINDOWS_INMEM
@ DOCA_APSH_LDRMODULE_WINDOWS_ININIT
@ DOCA_APSH_LDRMODULE_LIBRARY_PATH
@ DOCA_APSH_LDRMODULE_BASE_ADDRESS
@ DOCA_APSH_LDRMODULE_WINDOWS_SIZE_OF_IMAGE
@ DOCA_APSH_LDRMODULE_WINDOWS_INLOAD
@ DOCA_APSH_LDRMODULE_PID
@ DOCA_APSH_INJECTION_DETECT_VAD_START
@ DOCA_APSH_INJECTION_DETECT_VAD_FILE_PATH
@ DOCA_APSH_INJECTION_DETECT_VAD_END
@ DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_END
@ DOCA_APSH_INJECTION_DETECT_PID
@ DOCA_APSH_INJECTION_DETECT_VAD_PROTECTION
@ DOCA_APSH_INJECTION_DETECT_VAD_TAG
@ DOCA_APSH_INJECTION_DETECT_SUSPECTED_AREA_START
@ DOCA_APSH_VMA_PROCESS_NAME
@ DOCA_APSH_VMA_WINDOWS_TAG
@ DOCA_APSH_VMA_WINDOWS_PRIVATE_MEMORY
@ DOCA_APSH_VMA_WINDOWS_COMMIT_CHARGE
@ DOCA_APSH_VMA_FILE_PATH
@ DOCA_APSH_VMA_PROTECTION
@ DOCA_APSH_HANDLES_LIMIT
@ DOCA_APSH_SCAN_WIN_STEP
@ DOCA_APSH_OS_SYMBOL_MAP_FOLDER
@ DOCA_APSH_LDRMODULES_LIMIT
@ DOCA_APSH_WINDOWS_ENVARS_LIMIT
@ DOCA_APSH_SCAN_WIN_SIZE
@ DOCA_APSH_THREADS_LIMIT
@ DOCA_APSH_PROCESS_LIMIT
@ DOCA_APSH_OS_SYMBOL_MAP
@ DOCA_APSH_FILESIZE_LIMIT
@ DOCA_APSH_MODULES_LIMIT
@ DOCA_APSH_HASHTEST_LIMIT
@ DOCA_APSH_ATTESTATION_START_ADDRESS
@ DOCA_APSH_ATTESTATION_HASH_DATA_IS_PRESENT
@ DOCA_APSH_ATTESTATION_PAGES_PRESENT
@ DOCA_APSH_ATTESTATION_PAGES_NUMBER
@ DOCA_APSH_ATTESTATION_MATCHING_HASHES
@ DOCA_APSH_ATTESTATION_PROTECTION
@ DOCA_APSH_ATTESTATION_PATH_OF_MEMORY_AREA
@ DOCA_APSH_ATTESTATION_END_ADDRESS
@ DOCA_APSH_ATTESTATION_COMM
@ DOCA_APSH_ATTESTATION_PID
@ DOCA_APSH_PROCESS_PARAMETERS_IMAGE_FULL_PATH
@ DOCA_APSH_PROCESS_PARAMETERS_PID
@ DOCA_APSH_PROCESS_PARAMETERS_CMD_LINE
@ DOCA_APSH_PROCESS_PARAMETERS_IMAGE_BASE_ADDR
@ DOCA_APSH_YARA_RULE_MIMIKATZ
@ DOCA_APSH_YARA_RULE_REFLECTIVE_DLL_INJECTION
@ DOCA_APSH_YARA_RULE_HELLO_WORLD
@ DOCA_APSH_PROCESS_SID_ATTRIBUTES
@ DOCA_APSH_PROCESS_SID_STRING
@ DOCA_APSH_PROCESS_SID_PID
@ DOCA_APSH_YARA_SCAN_VMA
@ DOCA_APSH_YARA_SCAN_HEAP
@ DOCA_APSH_MODULES_OFFSET
@ DOCA_APSH_YARA_MATCH_WINDOW_LEN
@ DOCA_APSH_YARA_MATCH_WINDOW_ADDR
@ DOCA_APSH_THREAD_LINUX_THREAD_NAME
@ DOCA_APSH_THREAD_LINUX_PROC_NAME
@ DOCA_APSH_THREAD_WINDOWS_WAIT_REASON
@ DOCA_APSH_THREAD_WINDOWS_SUSPEND_COUNT
@ DOCA_APSH_THREAD_WINDOWS_OFFSET
@ DOCA_APSH_SYSTEM_WINDOWS
@ DOCA_APSH_PROCESS_CPU_TIME
@ DOCA_APSH_PROCESS_WINDOWS_OFFSET
@ DOCA_APSH_PROCESS_LINUX_UID
@ DOCA_APSH_PROCESS_WINDOWS_THREADS
@ DOCA_APSH_PROCESS_LINUX_STATE
@ DOCA_APSH_PROCESS_LINUX_NS_MNT
@ DOCA_APSH_PROCESS_LINUX_NS_PID
@ DOCA_APSH_PROCESS_WINDOWS_EXIT_TIME
@ DOCA_APSH_PROCESS_LINUX_GID
@ DOCA_APSH_PROCESS_LINUX_NS_NET
1.9.1