all options
jessie  ] [  stretch  ] [  buster  ] [  bullseye  ] [  sid  ]
[ Source: reglookup  ]

Package: reglookup (1.0.1+svn287-7)

Links for reglookup

Screenshot

Debian Resources:

Download Source Package reglookup:

Maintainers:

External Resources:

Similar packages:

utility to analysis for Windows NT-based registry

RegLookup is a system to direct analysis of Windows NT-based registry files providing command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensics investigations (though is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.

Currently the program allows one to read an entire registry and output it in a (mostly) standardized, quoted format. It also provides features for filtering of results based on registry path and data type. The package provides the following commands: reglookup, reglookup-recover and reglookup-timeline.

Tags: System Administration: Forensics and Recovery, User Interface: Command Line, Role: role::program, security::forensics, Purpose: Data Conversion, Supports Format: Need an extra tag

Other Packages Related to reglookup

  • depends
  • recommends
  • suggests
  • enhances

Download reglookup

Download for all available architectures
Architecture Package Size Installed Size Files
mips 25.2 kB75.0 kB [list of files]