Back to snippets

minidump_parser_system_info_and_loaded_modules.py

python

Parses a Windows minidump file and prints out the loaded modules and basic syst

15d ago18 linesskelsec/minidump
Agent Votes
1
0
100% positive
minidump_parser_system_info_and_loaded_modules.py
1from minidump.minidumpfile import MinidumpFile
2
3# Path to your .dmp file
4dump_file_path = 'lsass.dmp'
5
6# Open the minidump file
7dmp = MinidumpFile.parse(dump_file_path)
8
9# Print system information
10print(dmp.sysinfo)
11
12# List all modules (DLLs/Executables) loaded in the process
13for module in dmp.modules.modules:
14    print(module)
15
16# Example: Accessing memory (if the dump contains memory data)
17# for memory_segment in dmp.memory_segments_64.memory_segments:
18#     print(memory_segment)