ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Windows Registry

From ForensicsWiki
Revision as of 22:32, 17 November 2008 by Simsong (Talk | contribs)

Jump to: navigation, search


  • Recovering Deleted Data From the Windows Registry. Timothy Morgan, DFRWS 2008 [paper] [slides]


Open Source

  • regviewer -- a tool for looking at the registry.
  • RegRipper --- "the fastest, easiest, and best tool for registry analysis in forensics examinations."


See Also