python-registry-1.2.0-1.fc25.x86_64.rpm


Advertisement

Description

python-registry - Read access to Windows Registry Files

Property Value
Distribution Fedora 25
Repository CERT Forensics Tools x86_64
Package name python-registry
Package version 1.2.0
Package release 1.fc25
Package architecture x86_64
Package type rpm
Installed size 186.25 KB
Download size 45.70 KB
Official Mirror forensics.cert.org
python-registry was originally written by Willi Ballenthin, a forensicator at Mandiant who wanted to access the contents of the
Windows Registry from his Linux laptop. python-registry currently provides read-only access to Windows Registry files,
such as NTUSER.DAT, userdiff, and SAM. The interface is two-fold: a high-level interface suitable for most tasks, and a low level
set of parsing objects and methods which may be used for advanced study of the Windows Registry. python-registry is written in pure
Python, making it portable across all major platforms.

Alternatives

Package Version Architecture Repository
python-registry-1.2.0-1.fc25.i686.rpm 1.2.0 i686 CERT Forensics Tools
python-registry - - -

Requires

Name Value
python >= 2.7
python(abi) = 2.7

Provides

Name Value
python-registry = 1.2.0-1.fc25
python-registry(x86-64) = 1.2.0-1.fc25
python2.7dist(python-registry) = 1.2.0
python2dist(python-registry) = 1.2.0

Download

Type URL
Binary Package python-registry-1.2.0-1.fc25.x86_64.rpm
Source Package python-registry-1.2.0-1.fc25.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-25 rpm:
    https://forensics.cert.org/cert-forensics-tools-release-25.rpm
  2. Install cert-forensics-tools-release-25 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install python-registry rpm package:
    # dnf --enablerepo=forensics install python-registry

Files

Path
/usr/lib/python2.7/site-packages/Registry/Registry.py
/usr/lib/python2.7/site-packages/Registry/Registry.pyc
/usr/lib/python2.7/site-packages/Registry/Registry.pyo
/usr/lib/python2.7/site-packages/Registry/RegistryLog.py
/usr/lib/python2.7/site-packages/Registry/RegistryLog.pyc
/usr/lib/python2.7/site-packages/Registry/RegistryLog.pyo
/usr/lib/python2.7/site-packages/Registry/RegistryParse.py
/usr/lib/python2.7/site-packages/Registry/RegistryParse.pyc
/usr/lib/python2.7/site-packages/Registry/RegistryParse.pyo
/usr/lib/python2.7/site-packages/Registry/__init__.py
/usr/lib/python2.7/site-packages/Registry/__init__.pyc
/usr/lib/python2.7/site-packages/Registry/__init__.pyo
/usr/lib/python2.7/site-packages/python_registry-1.2.0-py2.7.egg-info/PKG-INFO
/usr/lib/python2.7/site-packages/python_registry-1.2.0-py2.7.egg-info/SOURCES.txt
/usr/lib/python2.7/site-packages/python_registry-1.2.0-py2.7.egg-info/dependency_links.txt
/usr/lib/python2.7/site-packages/python_registry-1.2.0-py2.7.egg-info/requires.txt
/usr/lib/python2.7/site-packages/python_registry-1.2.0-py2.7.egg-info/top_level.txt
/usr/share/doc/python-registry/LICENSE.TXT
/usr/share/doc/python-registry/README.MD

Changelog

2015-12-22 - Willi Ballenthin <willi.ballenthin@gmail.com> 1.2.0-1
* Release 1.2.0-1
- [DEPRECATED] records() in HBINBlock, use the more correct cells() instead, by @NiKiZe
- fix bug in parsing of resident values with length zero, reported and patched by @BridgeyTheGeek
- fix handling of path cycles, reported and patched by @sbv-csis
2015-02-26 - Willi Ballenthin <willi.ballenthin@gmail.com> 1.1.0-2
* Release 1.1.0-2
This is the version available on 2015-02-26 which is a patch to 1.1.0 making release 2.
2015-02-16 - Willi Ballenthin <willi.ballenthin@gmail.com> 1.1.0-1
* Release 1.1.0-1
1.1.0
- add raw_data method
- fix testing scripts and methods
- add amcache.hve parsing script
- add script for mounting hive as file system via FUSE
- many fixes, including checksum calculations, by @NiKiZe
- fixes to RegDateTime parsing by @woanware
2014-07-03 - Willi Ballenthin <willi.ballenthin@gmail.com> 1.0.4-1
* Release 1.0.4-1
1.0.4
- correctly handle value types on Vista+ that require a DEVPROP_MASK_TYPE mask, thanks to @woanware
- support the new RegDateTime value type, used for instance in some USBSTOR values, thanks to @woanware
1.0.3
- use setuptools over distutils
1.0.2
- can now fetch hive name from a Registry hive, thanks to @woanware, @jallmantalbot
- can now guess the Registry hive type (NTUSER, USRCLASS, etc) from the hive name, thanks to @woanware
- better handling of key/value names through use of Windows-1252 encoding, thanks to @jallmantalbot and Joel Schnieder
2014-01-14 - Willi Ballenthin <willi.ballenthin@gmail.com> 1.0.1-1
* Release 1.0.1-1
1.0.1
- better detection and handling of malformed Unicode, thanks to @jallmantalbot and matt.a.hastings
- minor changes to formatting in sample scripts
1.0.0
- implemented Python3 support thanks to @3ev0
2012-01-04 - Willi Ballenthin <willi.ballenthin@gmail.com> 0.2.3-1
* Release 0.2.3-1

See Also

Package Description
python2-certifi-2016.9.26-2.fc25.noarch.rpm %{sum}
python2-certifi-2018.1.18-1.fc25.noarch.rpm %{sum}
python2-psutil-5.4.3-4.fc25.x86_64.rpm A process and system utilities module for Python
python2-ssdeep-3.2-1.fc25.x86_64.rpm Python wrapper for the ssdeep library
python3-certifi-2016.9.26-2.fc25.noarch.rpm Python 3 package for providing Mozilla's CA Bundle
python3-certifi-2018.1.18-1.fc25.noarch.rpm Python 3 package for providing Mozilla's CA Bundle
python3-psutil-5.4.3-4.fc25.x86_64.rpm A process and system utilities module for Python
python3-ssdeep-3.2-1.fc25.x86_64.rpm Python wrapper for the ssdeep library
pytsk3-20160721-1.fc25.x86_64.rpm pytsk - Python binding for The Sleuth Kit
pytsk3-20170324-1.fc25.x86_64.rpm pytsk - Python binding for The Sleuth Kit
pytsk3-20170802-1.fc25.x86_64.rpm pytsk - Python binding for The Sleuth Kit
pytsk3-20171108-1.fc25.x86_64.rpm pytsk - Python binding for The Sleuth Kit
pytsk3-20180228-1.fc25.x86_64.rpm pytsk - Python binding for The Sleuth Kit
qphotorec-7.0-3.1.fc25.x86_64.rpm Signature based file carver. Recover lost files
radare-2.0.10.4-1.fc25.x86_64.rpm Reverse Engineering Framework
Advertisement
Advertisement