workbench.workers.rekall_adapter.rekall_adapter module
rekall_adapter: Helps Workbench utilize the Rekall Memory Forensic Framework.
See Google Github: http://github.com/google/rekall
All credit for good stuff goes to them, all credit for bad stuff goes to us. :).
-
workbench.workers.rekall_adapter.rekall_adapter.gsleep()[source]
-
class workbench.workers.rekall_adapter.rekall_adapter.RekallAdapter(raw_bytes)[source]
Bases: object
RekallAdapter: Helps utilize the Rekall Memory Forensic Framework.
Initialization.
-
get_session()[source]
-
get_renderer()[source]
-
class workbench.workers.rekall_adapter.rekall_adapter.MemSession(raw_bytes)[source]
Bases: object
MemSession: Helps utilize the Rekall Memory Forensic Framework.
Create a Rekall session from raw_bytes.
-
get_session()[source]
Get the current session handle.
-
workbench.workers.rekall_adapter.rekall_adapter.test()[source]
rekall_adapter.py: Test.