Difference between revisions of "Dfwinreg"

From ForensicsWiki
Jump to: navigation, search
(Created page with "{{Infobox_Software | name = dfwinreg | maintainer = Kristinn Gudjonsson, Joachim Metz | os = Linux, Mac OS X, Windows | genre = {{Analysis}} | li...")
 
(See Also)
Line 17: Line 17:
  
 
== See Also ==
 
== See Also ==
 +
* [[dfvfs]]
 
* [[plaso]]
 
* [[plaso]]
  
 
== External Links ==
 
== External Links ==
 
* [https://github.com/log2timeline/dfwinreg/ Project site]
 
* [https://github.com/log2timeline/dfwinreg/ Project site]

Revision as of 19:45, 8 January 2016

dfwinreg
Maintainer: Kristinn Gudjonsson, Joachim Metz
OS: Linux, Mac OS X, Windows
Genre: Analysis
License: APL
Website: github.com/log2timeline/dfwinreg

dfWinReg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects. The goal of dfWinReg is to provide a generic interface for accessing Windows Registry objects that resembles the Registry key hierarchy as seen on a live Windows system.

History

dfWinReg originates from the Plaso project and is also based on ideas from the winreg-kb project. It was largely rewritten and made into a stand-alone project to provide more flexibility and allow other projects to make use of Windows Registry functionality.

See Also

External Links