Trees       Indices       Help   
Rekall Memory Forensics
Package rekall :: Package plugins :: Package response :: Module windows
[frames] | no frames]

Module windows

source code

Windows specific response plugins.

Classes
  WmiResult
Represent WMI result.
  Wmi
Executes a WMI query and returns results.
  WindowsRootFileInformation
A special FileInformation class to handle windows drives.
  WindowsFileInformation
  LiveModule
Address resolver modules accessed through APIs.
  WinAPIAddressResponse
Address resolver for windows API access.
Functions
 
get_drives()
List all the drives on this system.		 source code
   Trees       Indices       Help   
Rekall Memory Forensics
Generated by Epydoc 3.0.1 on Mon Oct 9 03:27:47 2017 http://epydoc.sourceforge.net