Difference between revisions of "Windows Registry"
From Forensics Wiki
m (→Bibliography) |
m (→Commercial) |
||
| Line 18: | Line 18: | ||
* [http://www.abexo.com/free-registry-cleaner.htm Abexo Free Regisry Cleaner] | * [http://www.abexo.com/free-registry-cleaner.htm Abexo Free Regisry Cleaner] | ||
* [http://www.auslogics.com/registry-defrag Auslogics Registry Defrag] | * [http://www.auslogics.com/registry-defrag Auslogics Registry Defrag] | ||
| − | + | * [http://lastbit.com/arv/ Alien Registry Viewer] | |
| − | + | ||
==See Also== | ==See Also== | ||
Revision as of 17:38, 17 November 2008
Contents |
Bibliography
- Recovering Deleted Data From the Windows Registry. Timothy Morgan, DFRWS 2008 [paper] [slides]
- [http://www.pkdavies.co.uk/documents/Computer_Forensics/registry_examination.pdf
- Forensic Analysis of the Windows Registry in Memory, Brendan Dolan-Gavitt, DFRWS 2008 [slides]
- Forensic Analysis of the Windows Registry, Peter Davies, Computer Forensics: Coursework 2 (student paper)
- A Windows Registry Quick-Reference, Derrick Farmer, Burlington, VT.
- The Windows Registry as a forensic resource, Digital Investigation, Volume 2, Issue 3, September 2005, Pages 201--205.
- Forensic Analysis of the Windows Registry, Lih Wern Wong , School of Computer and Information Science, Edith Cowan University
Tools
Open Source
- regviewer -- a tool for looking at the registry.
- RegRipper --- "the fastest, easiest, and best tool for registry analysis in forensics examinations."
