Class ProcessEntity
Class ProcessEntity describes a process entity.
Object fields
ProcessEntity.eid | entity ID |
ProcessEntity.pid | process ID |
ProcessEntity.ppid | parent process ID |
ProcessEntity.bitness | process bitness |
ProcessEntity.backingFile | FileEntity of the process main executable |
ProcessEntity.commandLine | command line |
ProcessEntity.createTime | process create time |
ProcessEntity.user | user |
ProcessEntity.domain | domain |
ProcessEntity.integrityLevel | integrity level of the process |
ProcessEntity.policies | process policies statuses |
Constructors
ProcessEntity.fromPid (pid) | Create ProcessEntity from PID |
ProcessEntity.fromHandle (handle) | Create ProcessEntity from file handle |
ProcessEntity.fromCurrent () | Create ProcessEntity for the current process |
Object fields
- ProcessEntity.eid
- entity ID
- ProcessEntity.pid
- process ID
- ProcessEntity.ppid
- parent process ID
- ProcessEntity.bitness
- process bitness
- ProcessEntity.backingFile
- FileEntity of the process main executable
- ProcessEntity.commandLine
- command line
- ProcessEntity.createTime
- process create time
- ProcessEntity.user
- user
- ProcessEntity.domain
- domain
- ProcessEntity.integrityLevel
- integrity level of the process
- ProcessEntity.policies
- process policies statuses
  Fields:
  - dep: is DEP enabled
  - alr: is ASLR enabled
  - prohibitDynamicCode: is dynamic code prohibited
  - binarySignature: status of loaded images sign validation
Constructors
- ProcessEntity.fromPid (pid)
- Create ProcessEntity from PID
  Parameters:
  - pid: process ID
  Returns:
  - ProcessEntity object
- ProcessEntity.fromHandle (handle)
- Create ProcessEntity from file handle
  Parameters:
  - handle: opened handle to the process
  Returns:
  - ProcessEntity object
- ProcessEntity.fromCurrent ()
- Create ProcessEntity for the current process
  Returns:
  - ProcessEntity object