registrydecoder-20120816-2.fc25.i686.rpm


Advertisement

Description

registrydecoder - registrydecoder - automates acquisition, analysis, and reporting of Microsoft Windows registry contents

Distribution: Fedora 25
Repository: CERT Forensics Tools i386
Package name: registrydecoder
Package version: 20120816
Package release: 2.fc25
Package architecture: i686
Package type: rpm
Installed size: 1.41 MB
Download size: 627.03 KB
Official Mirror: forensics.cert.org
This version of the Registry Decoder performs offline analysis (on an investigator’s lab machine) of acquired registry files. This project can be found here. The current version of this tool can process raw disk images, partition images, individual registry files, and the database of hives acquired by the online component. When given a disk image, the Sleuthkit libraries are used to parse the image and read each registry hive. This includes the ability to acquire historical files from System Restore Points as well as the RegBack folder of Vista and 7 images. Individual registry hives are processed using libraries from the RegLookup project. After being provided with all registry-oriented evidence for a particular case, which can be any combination of registry files, disk images, and acquired databases, Registry Decoder performs a one-time pre-processing of the evidence. During this process, it creates a number of databases and metadata files that contain all information needed to analyze the files. The analysis section of the offline component contains a number of powerful features. The first feature is Search, which allows for powerful searching across registry hives. The searching abilities include: * Filtering by hive keys, name, and data * Filtering by the last write time of keys * Searching individual terms or with a newline delimited search term file * Exact or wildcard based search * Viewing of search results * Automated reporting of search contents to HTML, PDF, or XLS

Alternatives

Provides

  • registrydecoder = 20120816-2.fc25
  • registrydecoder(x86-32) = 20120816-2.fc25

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
      https://forensics.cert.org/cert-forensics-tools-release-25.rpm
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install registrydecoder rpm package:
      # dnf --enablerepo=forensics install registrydecoder

    Files

    • /usr/bin/registrydecoder
    • /usr/lib/python2.7/site-packages/registrydecoder/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/cleanwindows.py
    • /usr/lib/python2.7/site-packages/registrydecoder/cleanwindows.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/cleanwindows.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/common.py
    • /usr/lib/python2.7/site-packages/registrydecoder/common.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/common.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/errorclasses.py
    • /usr/lib/python2.7/site-packages/registrydecoder/errorclasses.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/errorclasses.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/ewf.py
    • /usr/lib/python2.7/site-packages/registrydecoder/ewf.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/ewf.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/guicontroller.py
    • /usr/lib/python2.7/site-packages/registrydecoder/guicontroller.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/guicontroller.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/guimain.py
    • /usr/lib/python2.7/site-packages/registrydecoder/guimain.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/guimain.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/opencase.py
    • /usr/lib/python2.7/site-packages/registrydecoder/opencase.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/opencase.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller.spec
    • /usr/lib/python2.7/site-packages/registrydecoder/report_manager.py
    • /usr/lib/python2.7/site-packages/registrydecoder/report_manager.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/report_manager.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/start_processing.py
    • /usr/lib/python2.7/site-packages/registrydecoder/start_processing.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/start_processing.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/template_manager.py
    • /usr/lib/python2.7/site-packages/registrydecoder/template_manager.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/template_manager.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/caseanalysis.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/caseanalysis.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/caseanalysis.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/convui.sh
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/createcase.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/createcase.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/createcase.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/filetab.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/filetab.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/filetab.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/generate_forms.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/generate_forms.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/generate_forms.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/guicommon.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/guicommon.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/guicommon.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/pathtab.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/pathtab.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/pathtab.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/plugintab.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/plugintab.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/plugintab.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/reportfuncs.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/reportfuncs.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/reportfuncs.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/searchtab.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/searchtab.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/searchtab.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/timelinetab.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/timelinetab.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/timelinetab.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/oldforms/exportall.ui
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/uifiles/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/uifiles/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/uifiles/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/uifiles/registrydecoder.ui
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/uifiles/registrydecoder_ui.py
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/uifiles/registrydecoder_ui.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/GUI/uifiles/registrydecoder_ui.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/acquire_files.py
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/acquire_files.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/acquire_files.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/image_classes.py
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/image_classes.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/acquirefiles/image_classes.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringtable.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringtable.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringtable.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/dbhandler.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/dbhandler.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/dbhandler.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/mysql.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/mysql.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/mysql.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/sqlite3handler.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/sqlite3handler.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/strings/stringdatabase/sqlite3handler.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/tree/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/tree/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/tree/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/tree/paralleltree.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/tree/paralleltree.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/tree/paralleltree.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/values/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/values/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/values/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/values/valuestable.py
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/values/valuestable.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/datastructures/values/valuestable.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/acquire_files.py
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/acquire_files.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/acquire_files.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/evidence_database.py
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/evidence_database.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/evidence_database.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/registry_sig.py
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/registry_sig.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/registry_sig.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/tree_handler.py
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/tree_handler.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/initial_processing/tree_handler.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-regdecoder.py
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-regdecoder.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-regdecoder.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-reporting.report_manager.py
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-reporting.report_manager.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-reporting.report_manager.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-templates.template_manager.py
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-templates.template_manager.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/pyinstaller/hook-templates.template_manager.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/harness.py
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/harness.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/harness.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regfile.py
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regfile.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regfile.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regkey.py
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regkey.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regkey.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regparser.py
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regparser.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regparser.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regvalue.py
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regvalue.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/registryparser/regvalue.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/commasep.py
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/commasep.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/commasep.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/html.py
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/html.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/html.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/pdf.py
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/pdf.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/pdf.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/screen_display.py
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/screen_display.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/screen_display.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/xls.py
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/xls.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/reporting/report_formats/xls.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/BHO.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/BHO.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/BHO.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ShellBagMRU.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ShellBagMRU.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ShellBagMRU.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ShellBags.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ShellBags.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ShellBags.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/StreamMRU.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/StreamMRU.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/StreamMRU.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/acmru.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/acmru.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/acmru.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/appinitdlls.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/appinitdlls.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/appinitdlls.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/apppaths.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/apppaths.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/apppaths.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/computer_name.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/computer_name.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/computer_name.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/firewall_policy.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/firewall_policy.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/firewall_policy.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ide_devs.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ide_devs.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ide_devs.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ie_typed_urls.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ie_typed_urls.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/ie_typed_urls.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/last_access_disabled.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/last_access_disabled.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/last_access_disabled.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/listusers.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/listusers.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/listusers.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/map_network_drive_letters.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/map_network_drive_letters.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/map_network_drive_letters.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/map_network_drive_mru.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/map_network_drive_mru.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/map_network_drive_mru.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mmc_mru.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mmc_mru.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mmc_mru.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mounted_devices.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mounted_devices.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mounted_devices.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mrulist.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mrulist.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/mrulist.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/muicache.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/muicache.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/muicache.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/muicache_update.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/muicache_update.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/muicache_update.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/profile_list.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/profile_list.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/profile_list.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/recent_docs.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/recent_docs.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/recent_docs.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/recent_docs_update.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/recent_docs_update.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/recent_docs_update.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/sbp2.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/sbp2.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/sbp2.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/services.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/services.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/services.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/system_run.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/system_run.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/system_run.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/system_run_update.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/system_run_update.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/system_run_update.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/timezone.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/timezone.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/timezone.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/typed_paths.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/typed_paths.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/typed_paths.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/usbstor.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/usbstor.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/usbstor.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_assist.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_assist.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_assist.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_run.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_run.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_run.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_software.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_software.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/user_software.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_install_info.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_install_info.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_install_info.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_logon_info.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_logon_info.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_logon_info.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_uninstall.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_uninstall.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_uninstall.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_version.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_version.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/windows_version.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/winrar_archive_history.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/winrar_archive_history.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/winrar_archive_history.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/wireless_networks.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/wireless_networks.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/wireless_networks.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/wordwheelquery.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/wordwheelquery.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/template_files/wordwheelquery.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/util/__init__.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/util/__init__.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/util/__init__.pyo
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/util/util.py
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/util/util.pyc
    • /usr/lib/python2.7/site-packages/registrydecoder/templates/util/util.pyo
    • /usr/share/doc/registrydecoder/RegistryDecoder-Offline-Analysis-Instructions-v1.1.pdf

    Changelog

    2016-10-25 - Lawrence R. Rogers <lrr@cert.org> 20120816-2 * Release 20120816-2 Changed dependency from pytsk to pytsk3.

    2012-07-16 - Lawrence R. Rogers <lrr@cert.org> 20120816-1 * Release 20120816-1 This is version 1.4 of the registry decoder. This is a build of the file labeled regdecoderR103.zip. See http://code.google.com/p/registrydecoder/source/list for the changes

    2012-07-09 - Lawrence R. Rogers <lrr@cert.org> 20120709-1 * Release 20120709-1 This is a build of the file labeled regdecoderR99.zip. See http://code.google.com/p/registrydecoder/source/list for the changes

    2012-06-29 - Lawrence R. Rogers <lrr@cert.org> 20120629-1 * Release 20120629-1 This is release 1.3 of registrydecoder. See http://code.google.com/p/registrydecoder/source/list for the changes

    2012-02-02 - Lawrence R. Rogers <lrr@cert.org> 20120202-1 * Release 20120202-1 This is release 1.2 of registrydecoder. See http://code.google.com/p/registrydecoder/source/list for the changes

    2011-11-02 - Lawrence R. Rogers <lrr@cert.org> 20111103-1 * Release 20111103-1 This is release 1.1 of registrydecoder. New Features include: - Support for processing Encase (E01) files and split images - Full wildcard searching - Adding evidence after a case is created - Exporting of paths and their key/value pairs - Timelining of keys from the GUI into the Sleuthkit format - Running plugins from the command line - Running custom plugins outside the main executable/package - Support for dual boot machines Updates include: - Reports now have their extension appended if the user doesn't enter them - Reports can now be filtered by either deleting results or shift/ctrl selecting results - Users can right click within the Browse View to search directly for paths - The name/value box in the Browse View is now sortable - We also have six new plugins from Kevin Moore of CERT!

    2011-09-23 - Lawrence R. Rogers <lrr@cert.org> 20110919-1 * Release 20110919-1 * Initial release

    Advertisement
    Advertisement