reglookup - Windows NT registry reader/lookup tool

Property Value
Distribution Fedora 25
Repository CERT Forensics Tools x86_64
Package name reglookup
Package version 1.0.1
Package release 2.fc25
Package architecture x86_64
Package type rpm
Installed size 512.67 KB
Download size 138.50 KB
Official Mirror
RegLookup project is an small command line utility for reading and
querying Windows NT/2K/XP registries.
Currently the program allows one to read an entire registry and output
it in a (mostly) standardized, quoted format. It also provides features
for filtering of results based on registry path and data type.


Package Version Architecture Repository
reglookup-1.0.1-2.fc25.i686.rpm 1.0.1 i686 CERT Forensics Tools
reglookup - - -


Name Value - - - - - - -
python(abi) = 2.7
rtld(GNU_HASH) -


Name Value -
python2.7dist(pyregfi) =
python2dist(pyregfi) =
reglookup = 1.0.1-2.fc25
reglookup(x86-64) = 1.0.1-2.fc25


Type URL
Binary Package reglookup-1.0.1-2.fc25.x86_64.rpm
Source Package reglookup-1.0.1-2.fc25.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-25 rpm:
  2. Install cert-forensics-tools-release-25 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install reglookup rpm package:
    # dnf --enablerepo=forensics install reglookup




2012-03-12 - Lawrence R. Rogers <> 1.0.1-2
* Release 1.0.1-2
Patch 278: fix for pyregfi install
Patch 277: incorporated a version of Adam Golebiowski's build patches reworked REGFI_VERSION and began using it in pyregfi installation
Patch 276: added 1.0.1 target
2011-10-02 - Lawrence R. Rogers <> 1.0.1-1
* Release 1.0.1-1
This bug-fix release addresses some issues identified since the last release and includes no significant changes to functionality. Fixes include:
Minor changes and fixes to unicode handling in pyregfi
Corrected an infinite loop on corrupted registries discovered by Andrew Case
Added ldconfig call during installation
Improved error reporting and other minor fixes
2011-09-20 - Lawrence R. Rogers <> 1.0.0-2
* Release 1.0.0-2
Rebuilt to use python 2.7
2011-06-19 - Lawrence R. Rogers <> 1.0.0-1
* Release 1.0.0-1
This major release stablizes the previous release candidate and adds minor improvements, including:
SK records and security descriptors now accessible in pyregfi
Added key caching to regfi, reintroduced SK caching
Minor API simplifications and improved documentation
Numerous bug fixes
2011-05-01 - Lawrence R. Rogers <> 0.99.0-1
* Release 0.99.0-1
This 1.0 release candidate contains major improvements to regfi usability.  Important changes include:
Made regfi a proper library and made major improvements to the API
Added Python bindings (pyregfi) for regfi
Replaced Make-based build system with a SCons-based one
Numerous improvements in regfi for multithreaded use, memory management
Improved API documentation

See Also

Package Description
regripper-28000000-5.fc25.noarch.rpm A Windows Registry data extraction and correlation tool
regripper-plugins-20151216-2.fc25.noarch.rpm Plugins for regripper
regripper-plugins-20170809-1.fc25.noarch.rpm Plugins for regripper
rifiuti-20040505_1-1.fc25.x86_64.rpm Examine the contents of INFO2 in the Windows Recycle bin
rifiuti2-0.5.1-1.fc25.x86_64.rpm Examine the contents of INFO2 in the Windows Recycle bin
rifiuti2-0.6.1-1.fc25.x86_64.rpm Examine the contents of INFO2 in the Windows Recycle bin
scrounge-ntfs-0.9-1.fc25.x86_64.rpm Data recovery program for NTFS file systems
sfdumper-2.2-1.fc25.noarch.rpm A Selective File Dumper program built on top of the Sleuthkit
shellbags-0.5.5-1.fc25.noarch.rpm Cross-platform shellbag parser
silk-analysis-3.13.0-1.fc25.x86_64.rpm SiLK Toolset: The Analysis Suite
silk-analysis-3.14.0-1.fc25.x86_64.rpm SiLK Toolset: The Analysis Suite
silk-analysis-3.15.0-1.fc25.x86_64.rpm SiLK Toolset: The Analysis Suite
silk-analysis-3.16.0-1.fc25.x86_64.rpm SiLK Toolset: The Analysis Suite
silk-analysis-3.16.0-3.fc25.x86_64.rpm SiLK Toolset: The Analysis Suite
silk-analysis-3.16.1-1.fc25.x86_64.rpm SiLK Toolset: The Analysis Suite