Trees       Indices       Help   
Rekall Memory Forensics
Package rekall :: Package plugins :: Package windows :: Module procinfo
[frames] | no frames]

Module procinfo

source code

This module print details information about PE files and processes.

Output is similar to objdump or pefile.

Author: Michael Cohen <scudette@gmail.com>

Classes
  PEInfo
Print information about a PE binary.
  TestPEInfo
  ProcInfo
Dump detailed information about a running process.
  TestProcInfo
Variables
  __package__ = 'rekall.plugins.windows'
   Trees       Indices       Help   
Rekall Memory Forensics
Generated by Epydoc 3.0.1 on Mon Oct 9 03:27:47 2017 http://epydoc.sourceforge.net