aboutsummaryrefslogtreecommitdiff
path: root/ReverseEngineering/ProcessModuleTrace.format.ps1xml
diff options
context:
space:
mode:
Diffstat (limited to 'ReverseEngineering/ProcessModuleTrace.format.ps1xml')
-rw-r--r--ReverseEngineering/ProcessModuleTrace.format.ps1xml36
1 files changed, 36 insertions, 0 deletions
diff --git a/ReverseEngineering/ProcessModuleTrace.format.ps1xml b/ReverseEngineering/ProcessModuleTrace.format.ps1xml
new file mode 100644
index 0000000..ffb6761
--- /dev/null
+++ b/ReverseEngineering/ProcessModuleTrace.format.ps1xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<Configuration>
+ <ViewDefinitions>
+ <View>
+ <Name>ProcessModuleTraceView</Name>
+ <ViewSelectedBy>
+ <TypeName>LOADED_MODULE</TypeName>
+ </ViewSelectedBy>
+ <ListControl>
+ <ListEntries>
+ <ListEntry>
+ <ListItems>
+ <ListItem>
+ <PropertyName>TimeCreated</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>ProcessId</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>FileName</PropertyName>
+ </ListItem>
+ <ListItem>
+ <Label>ImageBase</Label>
+ <ScriptBlock>"0x$($_.ImageBase.ToString("X$([IntPtr]::Size * 2)"))"</ScriptBlock>
+ </ListItem>
+ <ListItem>
+ <PropertyName>ImageSize</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ </ListItems>
+ </ListEntry>
+ </ListEntries>
+ </ListControl>
+ </View>
+ </ViewDefinitions>
+</Configuration>
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-30 09:48:25 +0000