`dissect.target.plugins.os.windows.log.amcache`#

Module Contents#

Classes#

AmcacheInstallPlugin

Amcache install log plugin.

Attributes#

`re_field`
`AmcacheFileCreateRecord`
`AmcacheArpCreateRecord`

dissect.target.plugins.os.windows.log.amcache.re_field#

dissect.target.plugins.os.windows.log.amcache.AmcacheFileCreateRecord#

dissect.target.plugins.os.windows.log.amcache.AmcacheArpCreateRecord#

class dissect.target.plugins.os.windows.log.amcache.AmcacheInstallPlugin(target)#

Bases: dissect.target.plugin.Plugin

Amcache install log plugin.

check_compatible()#

Perform a compatibility check with the target.

This function should return None if the plugin is compatible with the current target (self.target). For example, check if a certain file exists. Otherwise it should raise an UnsupportedPluginError.

Raises:: UnsupportedPluginError – If the plugin could not be loaded.

amcache_install()#: Return the contents of the Amcache install log.

dissect.target.plugins.os.windows.log.amcache#

Module Contents#

Classes#

Attributes#

`dissect.target.plugins.os.windows.log.amcache`#