Incident Response with RegRipper by Harlan Carvey
Effectively Using RegRipper 3.0, Harlan Carvey, OSDFCon 2020
What is RegRipper?
RegRipper is an open source forensic tool developed by Harlan Carvey. It extracts data from the Windows Registry, ranging from user-related registry data to system registry data and more.
RegRipper has a set of plugins that can be used by the examiner to suit their needs.
Explore the tool and its use cases here: RegRipper
SAM Hive
System Hive
Software Hive
- Roll-up
  Source: Windows Incident Response. Published on 2023-11-29 by Unknown
- Investigating Time Stomping
  Source: Windows Incident Response. Published on 2023-10-09 by Unknown
- The State of Windows Digital Analysis, pt II
  Source: Windows Incident Response. Published on 2023-09-20 by Unknown
- The State of Windows Digital Analysis
  Source: Windows Incident Response. Published on 2023-09-13 by Unknown
- The Next Step: Integrating Yara with RegRipper, pt II
  Source: Windows Incident Response. Published on 2023-08-27 by Unknown
About Harlan
Harlan Carvey is a senior-level cyber security advisor and researcher, poised at the intersection of digital forensics and incident response, threat hunting, and threat intel. A prolific published author (9 titles), he wrote the first book of its kind regarding analysis of the Windows Registry. He is an accomplished public speaker and an innovative researcher and analyst.