A Cross-Platform C++ parser library for Windows kernel minidumps.

Project description

Python bindings for kdmp-parser

This C++ library parses Windows kernel full dumps (.dump /f in WinDbg) as well as BMP dumps (.dump /ka in WinDbg).

The library supports loading 64-bit dumps and provides read access to things like:

  • The context record,
  • The exception record,
  • The bugcheck parameters,
  • The physical memory.

The Python bindings were authored by hugsy & masthoon. Refer to the project page on GitHub for documentation, issues and pull requests.

Installing from PyPI

The easiest way is simply to:

pip install kdmp_parser

Examples

Get context, print the program counter

import kdmp_parser
dmp = kdmp_parser.KernelDumpParser("full.dmp")
assert dmp.type == kdmp_parser.DumpType.FullDump
ctx = dmp.context
print(f"Dump RIP={ctx.Rip:#x}")

Read the virtual memory page at the address pointed to by RAX

import kdmp_parser
dmp = kdmp_parser.KernelDumpParser("full.dmp")
# The register values live in the context record
ctx = dmp.context
dmp.read_virtual_page(ctx.Rax)

Explore the physical memory

import kdmp_parser
dmp = kdmp_parser.KernelDumpParser("full.dmp")
pml4 = dmp.directory_table_base
print(f"{pml4=:#x}")
dmp.read_physical_page(pml4)

Translate a virtual address into a physical address

import kdmp_parser
dmp = kdmp_parser.KernelDumpParser("full.dmp")
VA = dmp.context.Rip
PA = dmp.translate_virtual(VA)
print(f"{VA=:#x} -> {PA=:#x}")
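
The translation above can be reproduced by hand from the two physical-memory primitives shown earlier. This is an added example, not code from kdmp-parser: walk, _table and SAMPLE are hypothetical names, it assumes 4-level x64 paging, and read_phys is assumed to behave like dmp.read_physical_page (page bytes, or None when the page is absent from the dump).

```python
import struct

PAGE = 0x1000
PRESENT = 1 << 0                  # entry maps something
LARGE = 1 << 7                    # PS bit: entry maps a 1 GiB / 2 MiB page
PFN_MASK = 0x000F_FFFF_FFFF_F000  # bits 12..51: physical frame address


def walk(read_phys, dtb, va):
    """Translate va by walking PML4 -> PDPT -> PD -> PT.

    Returns None when an entry is not present or when the page holding
    a table is missing from the dump.
    """
    table = dtb & PFN_MASK        # low bits of the DTB are not address bits
    for level, shift in enumerate((39, 30, 21, 12)):
        page = read_phys(table)
        if page is None:
            return None
        index = (va >> shift) & 0x1FF
        (entry,) = struct.unpack_from("<Q", page, index * 8)
        if not entry & PRESENT:
            return None
        if level in (1, 2) and entry & LARGE:
            # Large page: the remaining VA bits are the offset into it.
            low = (1 << shift) - 1
            return (entry & PFN_MASK & ~low) | (va & low)
        table = entry & PFN_MASK
    return table | (va & (PAGE - 1))


def _table(entries):
    """Build one 4 KiB table page from {index: 64-bit entry}."""
    page = bytearray(PAGE)
    for index, value in entries.items():
        struct.pack_into("<Q", page, index * 8, value)
    return bytes(page)


# Constructed page tables keyed by physical address, not from a real dump.
SAMPLE = {
    0x1000: _table({496: 0x2000 | PRESENT}),               # PML4
    0x2000: _table({0: 0x3000 | PRESENT,                   # PDPT
                    1: 0x40000000 | PRESENT | LARGE}),     # 1 GiB page
    0x3000: _table({0: 0x4000 | PRESENT}),                 # PD
    0x4000: _table({1: 0x7000 | PRESENT}),                 # PT
}
```

On a real dump, walk(dmp.read_physical_page, dmp.directory_table_base, VA) is expected to agree with dmp.translate_virtual(VA); a None result means a table page or mapping is not present, which is common in BMP dumps that omit parts of physical memory.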

Build

Run the following after installing CMake and Python 3.8+ / pip:

pip install -r src/python/requirements.txt
pip install src/python


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release. See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

  • kdmp_parser-0.6.0-cp312-abi3-win_amd64.whl (78.7 kB): CPython 3.12+, Windows x86-64
  • kdmp_parser-0.6.0-cp312-abi3-win32.whl (71.8 kB): CPython 3.12+, Windows x86
  • kdmp_parser-0.6.0-cp312-abi3-manylinux_2_35_x86_64.whl (70.4 kB): CPython 3.12+, manylinux: glibc 2.35+ x86-64
  • kdmp_parser-0.6.0-cp312-abi3-macosx_12_0_x86_64.whl (65.0 kB): CPython 3.12+, macOS 12.0+ x86-64
  • kdmp_parser-0.6.0-cp311-cp311-win_amd64.whl (79.9 kB): CPython 3.11, Windows x86-64
  • kdmp_parser-0.6.0-cp311-cp311-win32.whl (72.2 kB): CPython 3.11, Windows x86
  • kdmp_parser-0.6.0-cp311-cp311-manylinux_2_35_x86_64.whl (71.1 kB): CPython 3.11, manylinux: glibc 2.35+ x86-64
  • kdmp_parser-0.6.0-cp311-cp311-macosx_12_0_x86_64.whl (65.7 kB): CPython 3.11, macOS 12.0+ x86-64
  • kdmp_parser-0.6.0-cp310-cp310-win_amd64.whl (80.1 kB): CPython 3.10, Windows x86-64
  • kdmp_parser-0.6.0-cp310-cp310-win32.whl (72.4 kB): CPython 3.10, Windows x86
  • kdmp_parser-0.6.0-cp310-cp310-manylinux_2_35_x86_64.whl (71.3 kB): CPython 3.10, manylinux: glibc 2.35+ x86-64
  • kdmp_parser-0.6.0-cp310-cp310-macosx_12_0_x86_64.whl (65.8 kB): CPython 3.10, macOS 12.0+ x86-64
  • kdmp_parser-0.6.0-cp39-cp39-win_amd64.whl (80.4 kB): CPython 3.9, Windows x86-64
  • kdmp_parser-0.6.0-cp39-cp39-win32.whl (72.8 kB): CPython 3.9, Windows x86
  • kdmp_parser-0.6.0-cp39-cp39-manylinux_2_35_x86_64.whl (71.4 kB): CPython 3.9, manylinux: glibc 2.35+ x86-64
  • kdmp_parser-0.6.0-cp39-cp39-macosx_12_0_x86_64.whl (66.0 kB): CPython 3.9, macOS 12.0+ x86-64
  • kdmp_parser-0.6.0-cp38-cp38-win_amd64.whl (80.4 kB): CPython 3.8, Windows x86-64
  • kdmp_parser-0.6.0-cp38-cp38-win32.whl (72.8 kB): CPython 3.8, Windows x86
  • kdmp_parser-0.6.0-cp38-cp38-manylinux_2_35_x86_64.whl (71.3 kB): CPython 3.8, manylinux: glibc 2.35+ x86-64
  • kdmp_parser-0.6.0-cp38-cp38-macosx_12_0_x86_64.whl (66.0 kB): CPython 3.8, macOS 12.0+ x86-64

File details

Details for the file kdmp_parser-0.6.0-cp312-abi3-win_amd64.whl.

File metadata

  • Download URL: kdmp_parser-0.6.0-cp312-abi3-win_amd64.whl
  • Upload date:
  • Size: 78.7 kB
  • Tags: CPython 3.12+, Windows x86-64
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.8.3
