regripper-plugins-20151216-2.fc25.noarch.rpm


Advertisement

Description

regripper-plugins - Plugins for regripper

Distribution: Fedora 25
Repository: CERT Forensics Tools x86_64
Package name: regripper-plugins
Package version: 20151216
Package release: 2.fc25
Package architecture: noarch
Package type: rpm
Installed size: 1.09 MB
Download size: 204.53 KB
Official Mirror: forensics.cert.org
RegRipper is a Windows Registry data extraction and correlation tool. RegRipper uses plugins (similar to Nessus) to access specific Registry hive files in order to access and extract specific keys, values, and data, and does so by bypassing the Win32API.

Provides

  • regripper-plugins = 20151216-2.fc25

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
      https://forensics.cert.org/cert-forensics-tools-release-25.rpm
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install regripper-plugins rpm package:
      # dnf --enablerepo=forensics install regripper-plugins

    Files

    • /usr/share/perl5/vendor_perl/regripper/plugins/acmru.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/adoberdr.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ahaha.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/aim.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/all
    • /usr/share/perl5/vendor_perl/regripper/plugins/amcache.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/aports.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/appcertdlls.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/appcompatcache.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/appcompatcache_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/appcompatflags.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/appinitdlls.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/applets.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/applets_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/apppaths.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/apppaths_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/appspecific.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ares.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/arpcache.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/assoc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/at.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/at_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/attachmgr.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/attachmgr_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/audiodev.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/auditfail.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/auditpol.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/auditpol_xp.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/autoendtasks.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/autorun.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/backuprestore.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/banner.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/baseline.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/bho.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/bitbucket.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/bitbucket_user.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/brisv.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/btconfig.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/bthport.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cached.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cached_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cain.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ccleaner.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cdstaginginfo.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/clampi.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/clampitm.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/clsid.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cmd_shell.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cmd_shell_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cmd_shell_u.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cmdproc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cmdproc_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/codeid.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/comdlg32.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/comfoo.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/compdesc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/compname.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/controlpanel.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/cpldontload.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/crashcontrol.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ctrlpnl.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/dcom.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ddm.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ddo.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/decaf.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/defbrowser.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/del.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/del_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/dependency_walker.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/devclass.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/dfrg.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/diag_sr.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/direct.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/direct_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/disablelastaccess.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/disablesr.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/dllsearch.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/dnschanger.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/domains.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/drivers32.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/drwatson.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/emdmgmt.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/environment.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/esent.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/etos.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/eventlog.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/eventlogs.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/fileexts.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/filehistory.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/fileless.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/findexes.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/fw_config.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/gauss.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/gpohist.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/gpohist_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/gthist.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/gtwhitelist.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/handler.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/haven_and_hearth.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/hibernate.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ide.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/identities.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ie_main.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ie_settings.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ie_version.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ie_zones.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/iejava.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/imagedev.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/imagefile.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/init_dlls.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/inprocserver.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/installedcomp.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/installer.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/internet_explorer_cu.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/internet_settings_cu.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/itempos.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/javafx.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/javasoft.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/kankan.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/kb950582.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/kbdcrash.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/knowndev.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/landesk.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/landesk_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/latentbot.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/lazyshell.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/legacy.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/legacy_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/licenses.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/listsoft.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/liveContactsGUID.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/load.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/logonusername.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/lsa_packages.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/lsasecrets.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/macaddr.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/malware.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/menuorder.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mixer.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mixer_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mmc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mmc_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mmo.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mndmru.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mndmru_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mountdev.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mountdev2.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mp2.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mp3.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mpmru.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mrt.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/msis.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/mspaper.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/muicache.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/muicache_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/nero.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/netassist.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/netsvcs.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/network.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/networkcards.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/networklist.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/networklist_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/networkuid.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/nic.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/nic2.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/nic_mst2.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/nolmhash.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ntuser
    • /usr/share/perl5/vendor_perl/regripper/plugins/ntusernetwork.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/odysseus.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/officedocs.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/officedocs2010.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/officedocs2010_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/oisc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/olsearch.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/opencandy.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/osversion.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/osversion_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/outlook.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/outlook2.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/pagefile.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/pending.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/phdet.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/photos.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/polacdms.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/policies_u.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/port_dev.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/prefetch.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/printermru.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/printers.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/privoxy.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/processor_architecture.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/product.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/productpolicy.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/producttype.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/profilelist.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/profiler.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/proxysettings.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/publishingwizard.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/putty.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/rdphint.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/rdpport.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/reading_locations.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/realplayer6.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/realvnc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/recentdocs.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/recentdocs_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/regback.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/regin.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/regtime.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/regtime_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/removdev.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/renocide.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/reveton.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/rlo.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/rootkit_revealer.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/routes.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/runmru.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/runmru_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/safeboot.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/sam
    • /usr/share/perl5/vendor_perl/regripper/plugins/samparse.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/samparse_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/schedagent.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/secctr.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/secrets.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/secrets_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/security
    • /usr/share/perl5/vendor_perl/regripper/plugins/securityproviders.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/services.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/sevenzip.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/sfc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shares.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellbags.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellbags_test.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellbags_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellbags_xp.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellexec.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellext.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellfolders.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shellitems.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shelloverlay.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shutdown.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/shutdowncount.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/sizes.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/skype.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/snapshot.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/snapshot_viewer.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/soft_run.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/software
    • /usr/share/perl5/vendor_perl/regripper/plugins/spp_clients.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/sql_lastconnect.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/srun_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ssh_host_keys.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/ssid.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/startmenuinternetapps_cu.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/startmenuinternetapps_lm.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/startpage.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/startup.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/stillimage.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/susclient.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/svc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/svc_plus.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/svc_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/svcdll.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/svchost.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/sysinternals.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/sysinternals_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/system
    • /usr/share/perl5/vendor_perl/regripper/plugins/systemindex.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/teamviewer.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/termcert.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/termserv.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/timezone.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/tracing.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/tracing_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/trappoll.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/trustrecords.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/trustrecords_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/tsclient.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/tsclient_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/typedpaths.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/typedpaths_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/typedurls.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/typedurls_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/typedurlstime.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/typedurlstime_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/uac.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/uninstall.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/uninstall_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/unreadmail.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/urlzone.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/urun_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/usb.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/usbdevices.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/usbstor.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/usbstor2.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/usbstor3.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/user_run.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/user_win.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/userassist.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/userassist_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/userinfo.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/userlocsvc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/usrclass
    • /usr/share/perl5/vendor_perl/regripper/plugins/vawtrak.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/virut.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/vista_bitbucket.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/vmplayer.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/vmware_vsphere_client.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/vnchooksapplicationprefs.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/vncviewer.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/volinfocache.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/wallpaper.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/warcraft3.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/wbem.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/win_cv.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winbackup.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winevt.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winlogon.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winlogon_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winlogon_u.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winnt_cv.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winrar.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winrar2.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winrar_tln.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winscp.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winscp_sessions.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winver.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winvnc.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/winzip.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/wordwheelquery.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/wpdbusenum.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/xpedition.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/yahoo_cu.pl
    • /usr/share/perl5/vendor_perl/regripper/plugins/yahoo_lm.pl

    Changelog

    2015-12-17 - Lawrence R. Rogers <lrr@cert.org> 20151216-2 * Release 20151216-2 Added missing files: all ntuser sam security software system usrclass

    2015-12-16 - Lawrence R. Rogers <lrr@cert.org> 20151216-1 * Release 20151216-1 Plugins from 20151216

    2013-04-29 - Lawrence R. Rogers <lrr@cert.org> 20130429-1 * Release 20130429-1 Includes the following changes 20130429 created winlogon_tln.pl, applets_tln.pl added alertMsg() func. to: brisv.pl, inprocserver.pl, inprocserver_u.pl, iejava.pl, spp_clients.pl retired scanwithav.pl (func. included in attachmgr.pl) retired taskman.pl (func. included in winlogon.pl) retired vista_wireless.pl (func. in networklist.pl) 20130425 RegRipper and rip updated to v2.8; added alertMsg() capability retired userinit.pl (functionality included in winlogon.pl) created new plugins srun_tln.pl, urun_tln.pl,cmdproc_tln.pl -cmd_shell_tln.pl,muicache_tln.pl added alertMsg() functionality to rip.pl, rr.pl, and plugins appcompatcache.pl, appcompatcache_tln.pl appinitdlls.pl soft_run.pl, user_run.pl imagefile.pl winlogon.pl, winlogon_u.pl muicache.pl (look for values with "Ttemp" paths) attachmgr.pl (look for values per KB 883260) virut.pl cmdproc.pl, cmd_shell.pl 20130411 retired specaccts.pl & notify.pl; incorporated functionality into winlogon.pl 20130410 retired taskman.pl; merged into winlogon.pl updated winlogon.pl (Wow6432Node support, etc.) updated winlogon_u.pl (Wow6432Node support) updated shellexec.pl, imagefile.pl, installedcomp.pl (Wow6432Node support) 20130409 added drivers32.pl (C. Harrell) to the archive 20130408 updated bho.pl to support Wow6432Node 20130405 updated cmd_shell.pl to include Clients subkey in the Software hive created cmd_shell_u.pl fixed issue with rip.exe syntax info containing 'rr' fixed banner in findexes.pl + NOTE RegRipperPluginsPackage (RRPP) counts 285 plugins

    2013-04-04 - Lawrence R. Rogers <lrr@cert.org> 20130404-1 * Release 20130404 + NOTE: these are the packager's comments on what is new in this release, not the authors. + NEW PLUGIN attachmgr.pl The Windows Attachment Manager manages how attachments are handled, and settings are on a per-user basis. Malware has been shown to access these settings and make modifications. + NEW PLUGIN javasoft.pl Gets contents of JavaSoft/UseJava2IExplorer value + NEW PLUGIN lsa_packages.pl Lists various *Packages key contents beneath LSA key + NEW PLUGIN olsearch.pl Gets contents of user's OutLook Searches + NEW PLUGIN outlook2.pl Gets MAPI (Outlook) settings *BETA* + NEW PLUGIN photos.pl Read data on images opened via Win8 Photos app + NEW PLUGIN scanwithav.pl Checks ScanWithAV value in Software hive, per KB 883260 + NEW PLUGIN uac.pl Get User Account Control (UAC) Values from HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System + UPDATE appinitdlls.pl updated to address 64-bit systems + UPDATE ares.pl updated based on data provided by J. Weg + UPDATE ie_settings.pl added "AutoConfigURL" value info + UPDATE inprocserver.pl fixed retrieving LW time from correct key + UPDATE landesk.pl added Wow6432Node path + UPDATE sevenzip.pl minor updates added + UPDATE soft_run.pl updated to include Policies keys; added additional keys + UPDATE ssh_host_keys.pl Added rptMsg for key not found errors by Corey Harrell + UPDATE termserv.pl updated with autostart locations + UPDATE user_run.pl added additional keys; updated to include Policies keys; updated to include additional keys; updated to include 64-bit, additional keys/values + UPDATE winlogon_u updated with ThreatExpert info + UPDATE winscp_sessions.pl Added rptMsg for key not found errors by Corey Harrell + NOTE RegRipperPluginsPackage (RRPP) now counts 236 plugins

    Advertisement
    Advertisement