hivex Logo

hivex

0
Free
Visit Website

Hivex is a Windows Registry hive extraction library that allows users to read and write Windows Registry 'hive' binary files. It provides a C API and can export the hive as XML. The library is written in C and has bindings for OCaml, Perl, Python, and Ruby. It is licensed under LGPL v2.1. Hivex is a self-contained library that does not use the textual .REG format for output. Instead, it provides a C API and a separate program to export the hive as XML. The library is derived from several sources, including NTREG registry reader/writer library and dumphive, a BSD-licensed Pascal program. Hivex is designed to be more careful about handling error cases, corrupt and malicious registry files, and endianness compared to other libraries.

FEATURES

ALTERNATIVES

A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.

Documentation project for Digital Forensics Artifact Repository

A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.

Python script to parse macOS MRU plist files into human-friendly format

Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.

Open source digital forensics tools for analyzing disk images and recovering files.

A tool for fixing acquired .evt Windows Event Log files in digital forensics.

Remote Acquisition Tool

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved