Windows Registry XML
From Forensics Wiki
Revision as of 18:34, 15 March 2012 by Ajnelson
Currently DFXML uses the RegXML standard to represent Registry entries.
There are several open source programs that use XML to represent the Windows Registry:
- registryasxml is a Windows GUI program that exports and imports section of the Windows Registry as XML-foramtted files.
- RegXML is also a Windows command-line utility that exports sections of the Windows Registry as XML-formatted files.
- hivexml is a command-line utility that is part of Red Hat's libguestfs that converts Registry hives to XML.
- Tracking Computer Use with the Windows® Registry Dataset, Doug White, NIST.
- The complete set of code and and a WiReD XML difference set for steganographic applications.
There is one commercial program that we have found:
- ComponentSource has a $195 .NET too that allows management, importing and exporting of the registry via XML.