Difference between revisions of "Windows Registry"

From ForensicsWiki
Jump to: navigation, search
m
m
Line 10: Line 10:
 
===Open Source===
 
===Open Source===
 
* [http://sourceforge.net/projects/regviewer/ regviewer] -- a tool for looking at the registry.
 
* [http://sourceforge.net/projects/regviewer/ regviewer] -- a tool for looking at the registry.
 +
* [http://www.regripper.net/ RegRipper] --- "the fastest, easiest, and best tool for registry analysis in forensics examinations."
 
===Commercial===
 
===Commercial===
 
* [http://www.abexo.com/free-registry-cleaner.htm Abexo Free Regisry Cleaner]
 
* [http://www.abexo.com/free-registry-cleaner.htm Abexo Free Regisry Cleaner]

Revision as of 18:32, 17 November 2008

Bibliography

  • Recovering Deleted Data From the Windows Registry. Timothy Morgan, DFRWS 2008 [paper] [slides]


Tools

Open Source

  • regviewer -- a tool for looking at the registry.
  • RegRipper --- "the fastest, easiest, and best tool for registry analysis in forensics examinations."

Commercial


See Also