Skip to content
/ Windows-Registry-Forensics-Tool Public

# Windows Registry Forensics Tool This tool is designed for analyzing Windows Registry data and helps with forensic investigations.

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mrirfankhan/Windows-Registry-Forensics-Tool

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
registry_forensics.py
registry_forensics.py
 
 

Repository files navigation

Windows Registry Forensics Tool

This tool is designed for analyzing Windows Registry data and helps with forensic investigations. It can extract useful information like the last logged-in user, installed programs, recently accessed files, and more.

Features

  • Last Logged-In User: Retrieve details of the last logged-in user.
  • Installed Programs: List of programs installed on the system.
  • Recently Opened Files: List of files that have been recently accessed.
  • Running Processes: Display currently running processes on the system.
  • Registry Monitoring: Provides the ability to monitor specific registry keys for changes.

Requirements

  • Python 3.x
  • psutil library (for process and system information)
  • winreg library (for Windows registry access)

Install Dependencies

To get started, you'll need to install the necessary dependencies. Run the following command to install them:

pip install psutil

About

# Windows Registry Forensics Tool This tool is designed for analyzing Windows Registry data and helps with forensic investigations.

Topics

tesla forensics forensic-analysis hackerone hackig tryhackme googlehack forensics-tools bugboutry

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages