RegRippy Logo

RegRippy

0
Free
Visit Website

RegRippy is a framework for reading and extracting useful forensics data from Windows registry hives, developed in modern Python 3 as an alternative to RegRipper. It utilizes William Ballenthin's python-registry to access the raw registry hives, aiming to provide a framework for developing plugins in an incident response scenario.

FEATURES

ALTERNATIVES

A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.

A forensic tool to find hidden processes and TCP/UDP ports by rootkits or other hidden techniques.

A tool for analyzing pentest screenshots using a convolutional neural network

iOSForensic is a Python tool for forensic analysis on iOS devices, extracting files, logs, SQLite3 databases, and .plist files into XML.

DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.

A digital forensic tool for creating forensic images of computer hard drives and analyzing digital evidence.

Analyzing WiFiConfigStore.xml file for digital forensics on Android devices.

A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.