Dfwinreg

From ForensicsWiki
Revision as of 05:24, 1 July 2016 by Joachim Metz (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
dfwinreg
Maintainer: Daniel White, Joachim Metz
OS: Linux, Mac OS X, Windows
Genre: Analysis
License: APL
Website: github.com/log2timeline/dfwinreg

dfWinReg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects. The goal of dfWinReg is to provide a generic interface for accessing Windows Registry objects that resembles the Registry key hierarchy as seen on a live Windows system.

History

dfWinReg originates from the Plaso project and is also based on ideas from the winreg-kb project. It was largely rewritten and made into a stand-alone project to provide more flexibility and allow other projects to make use of Windows Registry functionality.

See Also

External Links

Retrieved from "https://forensicswiki.org/index.php?title=Dfwinreg&oldid=16533"