heimdall.os_related.windows package
Submodules
heimdall.os_related.windows.processes module
- class heimdall.os_related.windows.processes.WindowsProcess(ks: Any, ctx: Context)[source]
Bases:
ProcessRepresents a Windows process, providing access to attributes such as PID, name, and path.
- property name: str
Process name.
- Returns:
The name of the process.
- Return type:
str
- property path: str
Process path.
- Returns:
The full path of the process executable, or the process name if path retrieval fails.
- Return type:
str
- property pid: int
Process ID (PID).
- Returns:
The process ID.
- Return type:
int
- class heimdall.os_related.windows.processes.WindowsProcesses(heimdall_client: HeimdallClient)[source]
Bases:
ProcessesManages a collection of Windows processes, providing methods to retrieve processes by various attributes.
- __init__(heimdall_client: HeimdallClient)[source]
Initialize the WindowsProcesses manager with a Heimdall client.
- Parameters:
heimdall_client (HeimdallClient) – The client used for interacting with the system kernel.
- list() → list[WindowsProcess][source]
List all processes.
- Returns:
A list of all Windows processes.
- Return type:
list of WindowsProcess
heimdall.os_related.windows.windows_client module
- class heimdall.os_related.windows.windows_client.WindowsClient(vmi: libvmi.Libvmi, profile: Path)[source]
Bases:
HeimdallClient- property kslide: int
Return kernel slide value.
- property processes: WindowsProcesses
Return Windows processes.