volatility.plugins.linux.check_fops.linux_check_fop Class Reference

Check file operation structures for rootkit modifications. More...

Inheritance diagram for volatility.plugins.linux.check_fops.linux_check_fop:

Public Member Functions
def	__init__ (self, config, args, kwargs)
def	check_file_cache (self, f_op_members, modules)
def	check_open_files_fop (self, f_op_members, modules)
def	check_proc_fop (self, f_op_members, modules)
def	walk_proc
def	check_proc_root_fops (self, f_op_members, modules)
def	calculate (self)
def	unified_output (self, data)
def	generator (self, data)
def	render_text (self, outfd, data)

Public Attributes
	seen_proc

Detailed Description

Check file operation structures for rootkit modifications.

---

The documentation for this class was generated from the following file:

• volatility/plugins/linux/check_fops.py