RegRippy

Free
RegRippy is a framework for reading and extracting useful forensic data from Windows registry hives. It is written in modern Python 3 as an alternative to RegRipper and uses William Ballenthin's python-registry to access the raw registry hives, with the aim of providing a framework for developing plugins in an incident response scenario.

ALTERNATIVES

A user-friendly and fast Forensic Analysis tool with features like tagging files and generating preview reports.

A cybersecurity tool for collecting and analyzing forensic artifacts on live systems.

A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.

Truehunter is a tool designed to detect encrypted containers with a focus on Truecrypt and Veracrypt, utilizing a fast and memory efficient approach.

Automated collection tool for incident response triage in Windows systems.

A file search and query tool for ops and security experts.

A tool for analyzing Windows Recycle Bin INFO2 files.

A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.