Trees       Indices       Help   
Rekall Memory Forensics
Package rekall :: Package plugins :: Module guess_profile
[frames] | no frames]

Module guess_profile

source code

This module guesses the current profile using various heuristics.

Author: Michael Cohen <scudette@gmail.com>

Classes
  DetectionMethod
A baseclass to implement autodetection methods.
  WindowsIndexDetector
Apply the windows index to detect the profile.
  PEImageFileDetector
  WindowsRSDSDetector
A detection method based on the scanning for RSDS signatures.
  WindowsKernelImageDetector
  LinuxIndexDetector
A kernel detector that uses live symbols to do exact matching.
  LinuxBannerDetector
Detect a linux kernel from its banner text.
  DarwinIndexDetector
Detect the Darwin version using the index.
  KernelASHook
A ParameterHook for default_address_space.
  ProfileHook
If the profile is not specified, we guess it.
Variables
  __package__ = 'rekall.plugins'
   Trees       Indices       Help   
Rekall Memory Forensics
Generated by Epydoc 3.0.1 on Mon Oct 9 03:27:46 2017 http://epydoc.sourceforge.net