`dissect.target.plugins.os.windows.notifications`#

Module Contents#

Classes#

NotificationsPlugin

Plugin that parses the notification databases on Windows 10 machines.

Attributes#

`WpnDatabaseNotificationRecord`
`WpnDatabaseNotificationHandlerRecord`

dissect.target.plugins.os.windows.notifications.WpnDatabaseNotificationRecord#

dissect.target.plugins.os.windows.notifications.WpnDatabaseNotificationHandlerRecord#

class dissect.target.plugins.os.windows.notifications.NotificationsPlugin(target)#

Bases: dissect.target.plugin.Plugin

Plugin that parses the notification databases on Windows 10 machines.

__namespace__ = 'notifications'#

check_compatible()#

Perform a compatibility check with the target.

This function should return None if the plugin is compatible with the current target (self.target). For example, check if a certain file exists. Otherwise it should raise an UnsupportedPluginError.

Raises:: UnsupportedPluginError – If the plugin could not be loaded.

wpndatabase()#

Returns Windows Notifications from wpndatabase.db (post Windows 10 Anniversary).

Resources:

https://inc0x0.com/2018/10/windows-10-notification-database/

dissect.target.plugins.os.windows.notifications#

Module Contents#

Classes#

Attributes#

`dissect.target.plugins.os.windows.notifications`#