±Your Account
Membership:
New Today: 0
New Yesterday: 4
Overall: 24370
Visitors: 35
±Latest Articles
· Catching the ghost: how to discover ephemeral evidence with Live RAM analysis
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
±Follow Us
±Latest Jobs
Back to top
Skip to content
Skip to menu
Back to top
Back to main
Skip to menu
Windows 8 Registry Tool
Windows 8 Registry Tool
Posted: Fri Dec 07, 2012 6:55 am
Hello There,
I am looking to develop a tool which extracts local registry information on a local machine as well as from post mortem registry key files.
I am new to programming but I could like to develop this tool in .net so please any sample code, tips or any kind of help would be very much appreciated.
Thanks for reading and hope to hear from you soon.
I am looking to develop a tool which extracts local registry information on a local machine as well as from post mortem registry key files.
I am new to programming but I could like to develop this tool in .net so please any sample code, tips or any kind of help would be very much appreciated.
Thanks for reading and hope to hear from you soon.
-
Cmplambr - Newbie
Re: Windows 8 Registry Tool
Posted: Fri Dec 07, 2012 7:25 am
These:
msdn.microsoft.com/en-...S.85).aspx
reboot.pro/index.php?s...opic=11212
reboot.pro/index.php?s...opic=11312
may be of help for "offline" Registry reading.
If you want to go "where no man went before" (almost
) there are ample spaces of developing in the "Registry as a filesystem" approach, which was abandoned in a very earlyl stage:
reboot.pro/topic/7681-...ilesystem/
jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. -
msdn.microsoft.com/en-...S.85).aspx
reboot.pro/index.php?s...opic=11212
reboot.pro/index.php?s...opic=11312
may be of help for "offline" Registry reading.
If you want to go "where no man went before" (almost
) there are ample spaces of developing in the "Registry as a filesystem" approach, which was abandoned in a very earlyl stage:reboot.pro/topic/7681-...ilesystem/
jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. -
-
jaclaz - Senior Member