|
def | __init__ (self, config, args, kwargs) |
|
def | getKextSymbols |
|
def | findKextWithAddress (self, addr) |
|
def | isCallReferenceModified (self, model, distorm_mode, func_addr, kernel_syms, kmods) |
|
def | isPrologInlined (self, model, distorm_mode, func_addr) |
|
def | outside_module (self, addr, kernel_syms, kmods) |
|
def | isInlined (self, model, distorm_mode, func_addr, kernel_syms, kmods) |
|
def | calculate (self) |
|
def | unified_output (self, data) |
|
def | generator (self, data) |
|
def | render_text (self, outfd, data) |
|
Public Member Functions inherited from volatility.plugins.mac.common.AbstractMacCommand |
def | __init__ (self, args, kwargs) |
|
def | profile (self) |
|
def | execute (self, args, kwargs) |
|
Public Member Functions inherited from volatility.commands.Command |
def | __init__ (self, config, _args, _kwargs) |
| Constructor uses args as an initializer. More...
|
|
def | help (cls) |
| This function returns a string that will be displayed when a user lists available plugins.
|
|
def | calculate (self) |
| This function is responsible for performing all calculations. More...
|
|
def | execute (self) |
| Executes the plugin command. More...
|
|
def | format_value (self, value, fmt) |
| Formats an individual field using the table formatting codes.
|
|
def | table_header |
| Table header renders the title row of a table. More...
|
|
def | table_row (self, outfd, args) |
| Outputs a single row of a table.
|
|
def | text_cell_renderers (self, columns) |
| Returns default renderers for the columns listed.
|
|
def | unified_output (self, data) |
|
def | render_text (self, outfd, data) |
|
def | render_greptext (self, outfd, data) |
|
def | render_json (self, outfd, data) |
|
def | render_sqlite (self, outfd, data) |
|
def | render_dot (self, outfd, data) |
|
def | render_html (self, outfd, data) |
|
def | render_xlsx (self, outfd, data) |
|
Checks to see if system call and kernel functions are hooked.