Trees       Indices       Help   
Rekall Memory Forensics
Package rekall :: Module scan
[frames] | no frames]

Module scan

source code

Author: Michael Cohen <scudette@gmail.com>

Classes
  ScannerCheck
A scanner check is a special class which is invoked on an AS to check for a specific condition.
  MultiStringFinderCheck
A scanner checker for multiple strings.
  StringCheck
Checks for a single string.
  RegexCheck
This check can be quite slow.
  BufferASGenerator
A Generator of contiguous buffers read from the address space.
  BaseScanner
Base class for all scanners.
  FastStructScanner
This scanner looks for a struct in memory.
  MultiStringScanner
A scanner for multiple strings at once.
  PointerScanner
Scan for a bunch of pointers at the same time.
  ScannerGroup
Runs a bunch of scanners in one pass over the image.
  DiscontigScannerGroup
A scanner group which works over a virtual address space.
  DebugChecker
A check that breaks into the debugger when a condition is met.
Variables
  __package__ = 'rekall'
   Trees       Indices       Help   
Rekall Memory Forensics
Generated by Epydoc 3.0.1 on Mon Oct 9 03:27:47 2017 http://epydoc.sourceforge.net