Difference between revisions of "Windows Registry"

From Forensics Wiki
Jump to: navigation, search
m (Commercial)
m (Bibliography)
Line 10: Line 10:
  
 
* [http://www.forensicfocus.com/downloads/forensic-analysis-windows-registry.pdf Forensic Analysis of the Windows Registry], Lih Wern Wong , School of Computer and Information Science, Edith Cowan University
 
* [http://www.forensicfocus.com/downloads/forensic-analysis-windows-registry.pdf Forensic Analysis of the Windows Registry], Lih Wern Wong , School of Computer and Information Science, Edith Cowan University
 +
 +
* [http://www.sentinelchicken.com/research/registry_format/ The Windows NT Registry File Format], Timothy D. Morgan
  
 
==Tools==
 
==Tools==

Revision as of 17:43, 17 November 2008

Contents

Bibliography

Tools

Open Source

  • regviewer -- a tool for looking at the registry.
  • RegRipper --- "the fastest, easiest, and best tool for registry analysis in forensics examinations."

Commercial

See Also