joachimmetz
commented
2 years ago @wajihyassine sry but we cannot use regripper due to questionable license issues in the past that were never resolved by the author. Tl;dr it has a tainted license
Open wajihyassine opened 2 years ago
joachimmetz
commented
2 years ago @wajihyassine sry but we cannot use regripper due to questionable license issues in the past that were never resolved by the author. Tl;dr it has a tainted license
joachimmetz
commented
2 years ago Maybe consider https://github.com/airbus-cert/regrippy as an alternative or https://github.com/libyal/winreg-kb
wajihyassine
commented
2 years ago Ah good catch ty Joachim. Used it in past role where it provided quick summary output, the two you linked seem promising as well. Will adjust initial comment to reference them instead.
Implement a job that utilizes RegRipper to pull contextual summary information from Windows Registry Hives, useful for many types of investigations.
Please see reference tools below.