applications/forensics tools

regripper - A Windows Registry data extraction and correlation tool

Website: http://www.regripper.net/RegRipper/RegRipper/rr_20080909.zip
License: GPL
Vendor: cert.org
Description:
RegRipper is a Windows Registry data extraction and correlation
tool. RegRipper uses plugins (similar to Nessus) to access specific
Registry hive files in order to access and extract specific keys, values,
and data, and does so by bypassing the Win32API.

Packages

regripper-20111014-1.fc12.src [2.5 MiB] Changelog by Lawrence R. Rogers (2011-10-20):
* Release 20111014-1
    Now uses regripper plugins 20111014
	+ Added (NEW PLUGIN) Corey Harrell "userinfo.pl" (Microsoft Office)
	+ Added references to officedocs2010.pl (provided by Cameron Howell).
	- Removed the use of "DateTime::Format::WindowsFileTime" from officedocs2010.pl (ref: Issue 1).
	* PURGED OLD/REDUNDANT PLUGINS (ref: Issue 12): the process of plugins eliminating and renaming was based to the fact
	  that the new plugins generated the same output of the old one (eventually with enhancement). *PLEASE UPDATE YOUR PLUGIN LIST
	  FILES* (otherwise you will get error when trying to use the renamed/delete plugins). As following:
	- Eliminated old "comdlg32.pl" and renamed the plugin "comdlg32a.pl" to "comdlg32.pl". Updated version number to be
	   able to compare and track down changes.
	- Eliminated old "mountdev.pl" and renamed the plugin "mountdev2.pl" to "mountdev.pl". Updated version number to be able
	  to compare and track down changes: current version is 20110901.
	- Eliminated "port_dev.pl": the current plugin is "removedev.pl", as renamed by its author H.Carvey.
	- Eliminated old "timezone.pl" and renamed the plugin "timezone2.pl" to "timezone.pl". Updated version number to be able
	  to compare and track down changes: current version is 20110901.
	- Eliminated old "samparse.pl" and renamed this plugin "sameparse2.pl" to "samparse.pl". Updated version number to
	  be able to compare and track down changes: current version is 20110901

Listing created by Repoview-0.6.5-1.el5