The Volatility Framework
Public Member Functions | Static Public Attributes | List of all members
contrib.plugins.psdispscan.PSDispScan Class Reference

Scan Physical memory for _EPROCESS objects based on their Dispatch Headers. More...

Inheritance diagram for contrib.plugins.psdispscan.PSDispScan:

Public Member Functions

def calculate (self)
 
def render_dot (self, outfd, data)
 
def render_text (self, outfd, data)
 

Static Public Attributes

tuple meta_info
 

Detailed Description

Scan Physical memory for _EPROCESS objects based on their Dispatch Headers.

Member Data Documentation

tuple contrib.plugins.psdispscan.PSDispScan.meta_info
static
Initial value:
1 = dict(
2  author = 'Brendan Dolan-Gavitt',
3  copyright = 'Copyright (c) 2007,2008 Brendan Dolan-Gavitt',
4  contact = 'bdolangavitt@wesleyan.edu',
5  license = 'GNU General Public License 2.0 or later',
6  url = 'http://moyix.blogspot.com/',
7  os = 'WIN_32_XP_SP2',
8  version = '1.0',
9  )
The documentation for this class was generated from the following file: