Trees | Indices | Help |
|
---|
|
Scan a Vista, 2008 or Windows 7 image for connections and sockets
Nested Classes | |
__metaclass__ Automatic Plugin Registration through metaclasses. (Inherited from rekall.plugin.Command) |
|
top_level_class A command can be run from the rekall command line. (Inherited from rekall.plugin.Command) |
Instance Methods | |||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
Inherited from |
Class Methods | |||
|
|||
|
|||
|
|||
|
|||
|
|||
|
Class Variables | |
table_header =
hash(x) |
|
scanner_defaults =
|
|
METHODS =
(Inherited from rekall.plugins.windows.common.WinProcessFilter)
|
|
PHYSICAL_AS_REQUIRED = True
(Inherited from rekall.plugin.PhysicalASMixin)
|
|
PROFILE_REQUIRED = True
(Inherited from rekall.plugin.ProfileCommand)
|
|
ROW_OPTIONS =
(Inherited from rekall.plugin.TypedProfileCommand)
|
|
classes =
(Inherited from rekall.plugin.Command)
|
|
classes_by_name =
(Inherited from rekall.plugin.Command)
|
|
error_status = None hash(x) (Inherited from rekall.plugin.Command) |
|
interactive = False
(Inherited from rekall.plugin.Command)
|
|
mode =
hash(x) (Inherited from rekall.plugins.windows.common.AbstractWindowsCommandPlugin) |
|
plugin_args = None hash(x) (Inherited from rekall.plugin.ArgsParserMixin) |
|
plugin_feature =
(Inherited from rekall.plugin.Command)
|
|
producer = False
(Inherited from rekall.plugin.Command)
|
|
table_options =
(Inherited from rekall.plugin.TypedProfileCommand)
|
Properties | |
filtering_requested (Inherited from rekall.plugins.windows.common.WinProcessFilter) | |
name (Inherited from rekall.plugin.Command) | |
Inherited from |
Method Details |
Checks we are active. This method will be called with the session to check if this specific class is active. This mechanism allows multiple implementations to all share the same name, as long as only one is actually active. For example, we can have a linux, windows and mac version of plugins with the "pslist" name. This mixin provides the mixed class with a basic is_active() method which honors a mode member defined on the class and all its subclasses. The mode is additive (meaning each class and its subclasses are only active if the mode is active).
|
Collect data that will be passed to renderer.table_row.
|
|
|
Class Variable Details |
table_headerhash(x)
|
Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1 on Mon Oct 9 03:29:17 2017 | http://epydoc.sourceforge.net |