Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Package winappdbg :: Module event :: Class CreateThreadEvent
[hide private]
[frames] | no frames]

Class CreateThreadEvent

source code

Thread creation event.

Instance Methods [hide private]
ThreadHandle
get_thread_handle(self)
Returns: Thread handle received from the system.		 source code
int
get_teb(self)
Returns: Pointer to the TEB.		 source code
int
get_start_address(self)
Returns: Pointer to the first instruction to execute in this thread.		 source code
 
__init__(self, debug, raw)
x.__init__(...) initializes x; see help(type(x)) for signature (Inherited from winappdbg.event.Event)		 source code
int
get_event_code(self)
Returns: Debug event code as defined in the Win32 API. (Inherited from winappdbg.event.Event)		 source code
str
get_event_description(self)
Returns: User-friendly description of the event. (Inherited from winappdbg.event.Event)		 source code
str
get_event_name(self)
Returns: User-friendly name of the event. (Inherited from winappdbg.event.Event)		 source code
int
get_pid(self)
Returns: Process global ID where the event occured. (Inherited from winappdbg.event.Event)		 source code
Process
get_process(self)
Returns: Process where the event occured. (Inherited from winappdbg.event.Event)		 source code
Thread
get_thread(self)
Returns: Thread where the event occured. (Inherited from winappdbg.event.Event)		 source code
int
get_tid(self)
Returns: Thread global ID where the event occured. (Inherited from winappdbg.event.Event)		 source code

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Class Variables [hide private]
str eventMethod = 'create_thread'
Method name to call when using EventHandler subclasses.
str eventName = 'Thread creation event'
User-friendly name of the event.
str eventDescription = 'A new thread has started.'
User-friendly description of the event.
Instance Variables [hide private]
int continueStatus
Continue status to pass to win32.ContinueDebugEvent. (Inherited from winappdbg.event.Event)
Debug debug
Debug object that received the event. (Inherited from winappdbg.event.Event)
DEBUG_EVENT raw
Raw DEBUG_EVENT structure as used by the Win32 API. (Inherited from winappdbg.event.Event)
Properties [hide private]

Inherited from object: __class__

Method Details [hide private]

get_thread_handle(self)

source code 
Returns: ThreadHandle
Thread handle received from the system. Returns None if the handle is not available.

get_teb(self)

source code 
Returns: int
Pointer to the TEB.

get_start_address(self)

source code 
Returns: int
Pointer to the first instruction to execute in this thread.

Returns NULL when the debugger attached to a process and the thread already existed.

See http://msdn.microsoft.com/en-us/library/ms679295(VS.85).aspx


   Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Generated by Epydoc 3.0.1 on Fri Dec 20 17:54:52 2013 http://epydoc.sourceforge.net