Hello )
Does anyone know if there is a port of RegRipper for Linux, or other similar tools?
Thanks in advance.
SIFT
SIFT?
this SIFT?
https://
I can't see anything similar to RegRipper in the tools list, but maybe I'm just so tired that I'm going blind.
I was looking for something to install on the existing OS I'm using on my forensic workstation.
This SANS blog post shows you what you need to do this:
https://
Are SANS Portal accounts free? I was going to have a look at SIFT, but I balked when they asked for a billing address. I don't like to give billing info unless I actually intend to purchase something.
RegRipper is all Perl, so it works on Linux just fine as long as you have the required libraries (Parse::Win32Registry)
and change the c\windows\perl references to the Linux-style /usr/bin/perl.
No need to download 1.5 GB of SIFT just for that!
But if you like, as far as I know SANS Portal accounts are free.
I wasn't going to download SIFT for RegRipper, I already have 3 registry reporting solutions to choose from. I'm going to try out the whole thing when I get some free time. Thanks for confirming it's free.
Have a look at this.
Regextract
Similar output to RegRipper; there is a Mono runtime which works fine under Linux.
Woany also has some other forensic tools which run under Linux too, e.g. a link file parser.
I have also used Wine to run RegRipper (the compiled exe) under Linux with no problems.
You may have to open the Perl script files and resave them with Linux line endings. Since the scripts were created on Windows, you'll get an error if you try to run them even if you change the shebang line.
You can use the exe files with Wine… but yeah, they are originally written in Perl so you shouldn't have any issues.
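The two fixes described in the replies above (point the shebang at /usr/bin/perl and re-save with Linux line endings), as an added shell example that is not from the thread or from RegRipper itself. The function names and the PERL_PATH variable are assumptions for illustration; run it on a copy of the tool's scripts, never on evidence files.

```shell
#!/bin/sh
# Added example: make Windows-authored Perl scripts runnable on Linux.
# PERL_PATH is an assumption; confirm it with `command -v perl`.
PERL_PATH="${PERL_PATH:-/usr/bin/perl}"

# has_crlf FILE: succeed if any line ends in a carriage return.
# A CR on line 1 is what makes the kernel look for "perl\r" and fail.
has_crlf() {
    cr=$(printf '\r')
    grep -q "${cr}\$" "$1"
}

# needs_fix FILE: succeed if FILE has CRLF endings or a perl shebang
# that does not already point at $PERL_PATH.
needs_fix() {
    has_crlf "$1" && return 0
    first=$(head -n 1 "$1")
    case $first in
        "#!${PERL_PATH}"|"#!${PERL_PATH} "*) return 1 ;;  # already correct
        '#!'*perl*) return 0 ;;                           # perl, wrong path
        *) return 1 ;;                                    # no perl shebang
    esac
}

# fix_script FILE: strip CRs, then rewrite a perl shebang on line 1,
# keeping interpreter switches such as -w. The original is kept as
# FILE.orig. Interpreter paths containing spaces are not handled.
fix_script() {
    f=$1
    cr=$(printf '\r')
    cp -p "$f" "$f.orig" || return 1
    sed -e "s/${cr}\$//" \
        -e "1s|^#! *[^ ]*perl[^ ]*|#!${PERL_PATH}|" "$f.orig" > "$f"
}

# fix_tree DIR: fix every *.pl under DIR that needs it and print the
# path of each file that was changed.
fix_tree() {
    find "$1" -type f -name '*.pl' | while IFS= read -r f; do
        if needs_fix "$f"; then
            fix_script "$f" && printf '%s\n' "$f"
        fi
    done
}

# Stand-alone use: sh fix_perl.sh /path/to/scripts
if [ "$#" -gt 0 ]; then fix_tree "$1"; fi
```

Files that were already correct are left untouched and get no `.orig` copy, so the printed list doubles as a record of what was modified on the workstation.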