tag:blogger.com,1999:blog-9518042.post2666524200521295580..comments2024-03-19T07:46:20.437-05:00Comments on Windows Incident Response: Registry AnalysisUnknownnoreply@blogger.comBlogger2125tag:blogger.com,1999:blog-9518042.post-37715472885150266502007-09-23T15:50:00.000-05:002007-09-23T15:50:00.000-05:00Richard,> I was wondering if you knew of any > ope...Richard,<BR/><BR/>> I was wondering if you knew of any <BR/>> open source utilities to analyze <BR/>> the Windows XP registry on a DD <BR/>> image?<BR/><BR/>Only my own...most of which I am currently developing. The problem I've been seeing is that most of the Registry "analysis" tools out there don't do any analysis at all, but rather simply make the Registry viewable. Even on the commercial side, Registry tools don't seem to be written by or for forensic analysts...<BR/><BR/>If there's something specific I can assist with, please feel free to contact me.H. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.comtag:blogger.com,1999:blog-9518042.post-18344874891943932902007-09-22T18:18:00.000-05:002007-09-22T18:18:00.000-05:00Harlan,I read this posthttp://windowsir.blogspot.c...Harlan,<BR/><BR/>I read this post<BR/><BR/>http://windowsir.blogspot.com/2007/03/mounting-dd-image.html<BR/><BR/>because I believe I will have to use the methods you describe to review a hard drive soon.<BR/><BR/>I was wondering if you knew of any open source utilities to analyze the Windows XP registry on a DD image?Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.com