Class ProcessEntity

Class ProcessEntity describes process entity

Object fields

ProcessEntity.eid entity ID
ProcessEntity.pid process ID
ProcessEntity.ppid parent process ID
ProcessEntity.bitness process bitness
ProcessEntity.backingFile FileEntity of the process main executable
ProcessEntity.commandLine command line
ProcessEntity.createTime process create time
ProcessEntity.user user
ProcessEntity.domain domain
ProcessEntity.integrityLevel integrity level of the process
ProcessEntity.policies process policies statuses

Constructors

ProcessEntity.fromPid (pid) Create ProcessEntity from PID
ProcessEntity.fromHandle (handle) Create ProcessEntity from file handle
ProcessEntity.fromCurrent () Create ProcessEntity for the current prorcess


Object fields

ProcessEntity.eid
entity ID
ProcessEntity.pid
process ID
ProcessEntity.ppid
parent process ID
ProcessEntity.bitness
process bitness
ProcessEntity.backingFile
FileEntity of the process main executable
ProcessEntity.commandLine
command line
ProcessEntity.createTime
process create time
ProcessEntity.user
user
ProcessEntity.domain
domain
ProcessEntity.integrityLevel
integrity level of the process
ProcessEntity.policies
process policies statuses

Fields:

  • dep is DEP enabled
  • alr is ASLR enabled
  • prohibitDynamicCode is dynamic code prohibited
  • binarySignature status of loaded images sign validation

Constructors

ProcessEntity.fromPid (pid)
Create ProcessEntity from PID

Parameters:

  • pid process ID

Returns:

    ProcessEntity object
ProcessEntity.fromHandle (handle)
Create ProcessEntity from file handle

Parameters:

  • handle opened handle to the process

Returns:

    ProcessEntity object
ProcessEntity.fromCurrent ()
Create ProcessEntity for the current prorcess

Returns:

    ProcessEntity object
generated by LDoc 1.4.6 Last updated 2020-05-23 07:05:11