DFIR Tools

Forensic Utilities - Windows
A modern Python-3-based alternative to RegRipper 

RegRippy is a framework for reading and extracting useful forensics data from Windows registry hives. It is an alternative to RegRipper developed in modern Python 3. It makes use of William Ballenthin's python-registry to access the raw registry hives.

The goal of this project is to provide a framework for quickly and easily developing your own plugins in an incident response scenario.

This tool will try its best to stay out of your way and quickly provide you with usable data:
