pykd
1
2import sys3from pykd import *4
5def processInfo():6
7nt = module( "nt" )8
9processList = typedVarList( nt.PsActiveProcessHead, "nt!_EPROCESS", "ActiveProcessLinks" )10
11for process in processList:12print "".join( [chr(i) for i in process.ImageFileName if i != 0] )13
14def run():15
16if not isWindbgExt():17if not loadDump( sys.argv[1] ):18dprintln( sys.argv[1] + " - load failed" )19return20
21if not isKernelDebugging():22dprintln( "not a kernel debugging" )23return24
25processInfo()26
27if __name__ == "__main__":28run()29
30
31