Back to binalyze.com

PCI Info

Overview

Evidence: PCI Info Description: ESXi PCI Info Category: DiskFilesystem Platform: esxi Short Name: pciinfo Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

PCI device enumeration provides comprehensive hardware inventory including network cards, storage controllers, GPUs, and other expansion devices. This baseline establishes expected hardware configuration and helps detect unauthorized physical device additions or modifications.

Data Collected

This collector gathers structured data about pci info.

PCI Info Data

Field
Description
Example

Address

Address

Example value

Segment

Segment

Example value

Bus

Bus

Example value

Slot

Slot

Example value

Function

Function

Example value

VMKernelName

VM Kernel Name

Example value

VendorName

Vendor Name

Example value

DeviceName

Device Name

Example value

ConfiguredOwner

Configured Owner

Example value

CurrentOwner

Current Owner

Example value

VendorID

Vendor ID

Example value

DeviceID

Device ID

Example value

SubVendorID

Sub Vendor ID

Example value

SubDeviceID

Sub Device ID

Example value

DeviceClass

Device Class

Example value

DeviceClassName

Device Class Name

Example value

ProgrammingInterface

Programming Interface

Example value

RevisionID

Revision ID

Example value

InterruptLine

Interrupt Line

Example value

IRQ

IRQ

123

InterruptVector

Interrupt Vector

Example value

PCIPin

PCI Pin

Example value

SpawnedBus

Spawned Bus

Example value

Flags

Flags

Example value

ModuleID

Module ID

123

ModuleName

Module Name

Example value

Chassis

Chassis

123

PhysicalSlot

Physical Slot

123

SlotDescription

Slot Description

Example value

DeviceLayerBusAddress

Device Layer Bus Address

Example value

PassThruCapable

Pass Thru Capable

Example value

ParentDevice

Parent Device

Example value

DependentDevice

Dependent Device

Example value

ResetMethod

Reset Method

Example value

FPTSharable

FPT Sharable

Example value

NUMANode

NUMA Node

123

ExtendedDeviceID

Extended Device ID

123

ExtendedDeviceName

Extended Device Name

Example value

Collection Method

This collector parses PCI device information, extracting bus addresses, device IDs, vendor IDs, device classes, subsystem information, driver associations, and device names for all PCI and PCIe devices visible to the ESXi host.

Forensic Value

PCI device inventory validates hardware configuration, detects rogue devices like hardware keyloggers or network taps, identifies unauthorized passthrough configurations, and reveals hardware-based attack vectors. Device ID changes or unexpected additions indicate physical tampering or malicious hardware implants.

PreviousOpen FilesNextPermission Info

Last updated

Was this helpful?