Retrieves the list of handles using the 'handle.exe' command and returns the data as a pandas DataFrame.

Project description

pip install gethandledf

Tested against Windows 10 / Python 3.10 / Anaconda

Python

from gethandledf import get_handle_list, get_handle_list_interval
df = get_handle_list(partial_process_string="explorer.exe")
df2 = get_handle_list_interval(interval=1, partial_process_string="") # press ctrl+c when you are done


def get_handle_list_interval(interval: int = 5, partial_process_string: str = "") -> pd.DataFrame:
    r"""
    Continuously retrieve the list of handles at a specified interval using the 'handle.exe' command
    and return the data as a concatenated pandas DataFrame. Press Ctrl+C to stop capturing.

    Args:
        interval (int): The interval in seconds at which to retrieve the handle list. Defaults to 5.
        partial_process_string (str): A partial process string to filter the handles by a specific process.
            Defaults to an empty string, which retrieves handles for all processes.

    Returns:
        pd.DataFrame: A DataFrame containing information about the handles.

    Raises:
        None

    Example:
        >>> df = get_handle_list_interval(interval=1, partial_process_string="")
        >>> print(df.head())
              Process  PID               User   Handle Type ShareFlags  \
        0  System         4  NT AUTHORITY\SYSTEM  0x3f4    Key
        1  System         4  NT AUTHORITY\SYSTEM  0x6cc    Key
        2  System         4  NT AUTHORITY\SYSTEM  0x78c    Key
        3  System         4  NT AUTHORITY\SYSTEM  0x790    Key
        4  System         4  NT AUTHORITY\SYSTEM  0x7a8    Key

                          Name            AccessMask  scan_id
        0  \REGISTRY\MACHINE\BCD       0x20019           0
        1  \REGISTRY\MACHINE\BCD       0x20019           0
        2  \REGISTRY\MACHINE\BCD       0x20019           0
        3  \REGISTRY\MACHINE\BCD       0x20019           0
        4  \REGISTRY\MACHINE\BCD       0x20019           0
        ...
    """

def get_handle_list(partial_process_string: str = "") -> pd.DataFrame:
    r"""
    Retrieve the list of handles using the 'handle.exe' command and return the data as a pandas DataFrame.

    Args:
        partial_process_string (str): A partial process string to filter the handles by a specific process.
            Defaults to an empty string, which retrieves handles for all processes.

    Returns:
        pd.DataFrame: A DataFrame containing information about the handles.

    Raises:
        None

    Example:
        >>> df = get_handle_list(partial_process_string="explorer.exe")
        >>> print(df.head())
              Process  PID               User   Handle Type ShareFlags  \
        0  System         4  NT AUTHORITY\SYSTEM  0x3f4    Key
        1  System         4  NT AUTHORITY\SYSTEM  0x6cc    Key
        2  System         4  NT AUTHORITY\SYSTEM  0x78c    Key
        3  System         4  NT AUTHORITY\SYSTEM  0x790    Key
        4  System         4  NT AUTHORITY\SYSTEM  0x7a8    Key

                          Name            AccessMask
        0  \REGISTRY\MACHINE\BCD       0x20019
        1  \REGISTRY\MACHINE\BCD       0x20019
        2  \REGISTRY\MACHINE\BCD       0x20019
        3  \REGISTRY\MACHINE\BCD       0x20019
        4  \REGISTRY\MACHINE\BCD       0x20019
        ...
    """
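
One way to use the `scan_id` column for monitoring, shown as an added example that is not part of the gethandledf package: it decodes the `AccessMask` of registry `Key` handles and reports write-capable key handles that were not present in the previous scan. It assumes rows obtained with `df.to_dict("records")`, that `Handle` and `AccessMask` are hex strings as printed above, and that `scan_id` increases with each scan; the function names and sample rows are hypothetical.

```python
# Registry key access rights (values from winnt.h).
KEY_RIGHTS = {
    0x00001: "KEY_QUERY_VALUE", 0x00002: "KEY_SET_VALUE",
    0x00004: "KEY_CREATE_SUB_KEY", 0x00008: "KEY_ENUMERATE_SUB_KEYS",
    0x00010: "KEY_NOTIFY", 0x00020: "KEY_CREATE_LINK",
    0x10000: "DELETE", 0x20000: "READ_CONTROL",
    0x40000: "WRITE_DAC", 0x80000: "WRITE_OWNER",
}
# Bits that allow changing the key, its values, or its security descriptor.
WRITE_BITS = 0x00002 | 0x00004 | 0x00020 | 0x10000 | 0x40000 | 0x80000

def decode_key_mask(mask):
    """Turn an AccessMask hex string such as '0x20019' into right names."""
    value = int(mask, 16)
    names = [name for bit, name in KEY_RIGHTS.items() if value & bit]
    unknown = value & ~sum(KEY_RIGHTS)  # bits this table does not name
    return names + ([hex(unknown)] if unknown else [])

def new_writable_key_handles(rows):
    """Key handles with write-capable rights that were absent from the previous scan."""
    by_scan = {}
    for row in rows:
        by_scan.setdefault(row["scan_id"], []).append(row)
    findings, previous = [], None
    for scan_id in sorted(by_scan):
        current = {(r["PID"], r["Handle"], r["Name"]) for r in by_scan[scan_id]}
        if previous is not None:  # the first scan is only a baseline
            for r in by_scan[scan_id]:
                key = (r["PID"], r["Handle"], r["Name"])
                if (r["Type"] == "Key" and key not in previous
                        and int(r["AccessMask"], 16) & WRITE_BITS):
                    findings.append({**r, "Rights": decode_key_mask(r["AccessMask"])})
        previous = current
    return findings

# Constructed sample rows (not real output), using the column names shown above.
def _row(scan, proc, pid, handle, typ, name, mask):
    return {"scan_id": scan, "Process": proc, "PID": pid, "Handle": handle,
            "Type": typ, "Name": name, "AccessMask": mask}
SAMPLE = [
    _row(0, "System", 4, "0x3f4", "Key", r"\REGISTRY\MACHINE\BCD", "0x20019"),
    _row(1, "System", 4, "0x3f4", "Key", r"\REGISTRY\MACHINE\BCD", "0x20019"),
    _row(1, "example.exe", 4242, "0x1a0", "Key", r"\REGISTRY\MACHINE\SOFTWARE\Example", "0xf003f"),
    _row(1, "example.exe", 4242, "0x1a4", "Key", r"\REGISTRY\MACHINE\SOFTWARE\Example", "0x20019"),
    _row(1, "example.exe", 4242, "0x1a8", "File", r"C:\Temp\example.log", "0x120196"),
]

if __name__ == "__main__":
    print(new_writable_key_handles(SAMPLE))
```

The `0x20019` mask in the sample output above decodes to the read-only `KEY_READ` set, so those rows are never reported.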
		

Source Distribution

gethandledf-0.11.tar.gz (770.8 kB)

Uploaded Source

Built Distribution

gethandledf-0.11-py3-none-any.whl (771.3 kB)

Uploaded Python 3

File details

Details for the file gethandledf-0.11.tar.gz.

File metadata

  • Download URL: gethandledf-0.11.tar.gz
  • Upload date:
  • Size: 770.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.10

File details

Details for the file gethandledf-0.11-py3-none-any.whl.

File metadata

  • Download URL: gethandledf-0.11-py3-none-any.whl
  • Upload date:
  • Size: 771.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.10
