Incident Response with RegRipper by Harlan Carvey
Effectively Using RegRipper 3.0, Harlan Carvey, OSDFCon 2020
What is RegRipper?
RegRipper is an open source forensic tool developed by Harlan Carvey. It extracts data from the Windows Registry, ranging from user-related registry data to system registry data.
RegRipper has a set of plugins that can be used by the examiner to suit their needs.
Explore the tool and its use cases here: RegRipper
SAM Hive
System Hive
Software Hive
- Know Your Tools (Source: Windows Incident Response, published on 2025-03-21, by Unknown)
- WMI (Source: Windows Incident Response, published on 2025-03-18, by Unknown)
- The Problem with the Modern Security Stack (Source: Windows Incident Response, published on 2025-03-11, by Unknown)
- Lina's Write-up (Source: Windows Incident Response, published on 2025-02-20, by Unknown)
- The Role of AI in DFIR (Source: Windows Incident Response, published on 2025-02-16, by Unknown)
About Harlan
Harlan Carvey is a senior-level cyber security advisor and researcher, poised at the intersection of digital forensics and incident response, threat hunting, and threat intel. A prolific published author (9 titles), he wrote the first book of its kind regarding analysis of the Windows Registry. He is also an accomplished public speaker, innovative researcher and analyst.