Class ComObjectCollector
Collects Com Objects referenced by the registry
Implements
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: AttackSurfaceAnalyzer.Collectors
Assembly: AsaLib.dll
Syntax
public class ComObjectCollector : BaseCollector, IPlatformRunnableConstructors
| Improve this Doc View SourceComObjectCollector(CollectCommandOptions, Action<CollectObject>)
Declaration
public ComObjectCollector(CollectCommandOptions opts = null, Action<CollectObject> changeHandler = null)Parameters
| Type | Name | Description |
|---|---|---|
| CollectCommandOptions | opts | |
| System.Action<CollectObject> | changeHandler |
Methods
| Improve this Doc View SourceCanRunOnPlatform()
Com Objects only exist on Windows.
Declaration
public override bool CanRunOnPlatform()Returns
| Type | Description |
|---|---|
| System.Boolean |
Overrides
| Improve this Doc View SourceExecuteInternal()
Execute the Com Collector. We collect the list of Com Objects registered in the registry and then examine each binary on the disk they point to.
Declaration
public override void ExecuteInternal()Overrides
| Improve this Doc View SourceParseComObjects(RegistryKey, RegistryView, Boolean)
Parse all the Subkeys of the given SearchKey into ComObjects and returns a list of them
Declaration
public static IEnumerable<CollectObject> ParseComObjects(RegistryKey SearchKey, RegistryView View, bool SingleThreaded = false)Parameters
| Type | Name | Description |
|---|---|---|
| RegistryKey | SearchKey | The Registry Key to search |
| RegistryView | View | The View of the registry to use |
| System.Boolean | SingleThreaded |
Returns
| Type | Description |
|---|---|
| System.Collections.Generic.IEnumerable<CollectObject> |
ParseView(RegistryView)
Declaration
public void ParseView(RegistryView view)Parameters
| Type | Name | Description |
|---|---|---|
| RegistryView | view |