I received an email from an enthusiastic user of RegRipper today, pointing me to a blog he'd posted on his experiences with the tool. I don't read Spanish, but I am really glad to see others using the tool. This post led me to another post explaining the use of RegRipper at NeoSysForensics.
Also, from his blog, I found a link to Moyix's example output of RegRipper, apparently run against hive files in memory using the RegRipper/Volatility prototype.
What tkanomi is saying basically is:
ReplyDelete* A few years ago he attended a SANS class where you were teaching. He says that you were the most influential person in his professional career. He then praises your teaching eagerness and ability.
* He gives a small description of hives supporting files.
* He describes the use of RegRipper through a practical example.
That's pretty much it I believe ;)
Thanks for the translation!
ReplyDeletetranslate it with google... works for the most part.
ReplyDeletehttp://translate.google.com/translate?prev=hp&hl=en&u=http%3A%2F%2Fneosysforensics.blogspot.com%2F2009%2F03%2Fregripper.html&sl=es&tl=en