Home Presentations In-Depth Forensic Analysis of Windows Registry Files

In-Depth Forensic Analysis of Windows Registry Files


The Windows registry is an essential source of evidence when performing a wide range of examinations. In a recent talk (ZeroNights, 2017), Maxim Suhanov described various problems with popular tools used to parse offline registry hives and to recover deleted data.

You can find the slides here.

  • How to Perform Hadoop Forensics

    In this post Chiheb Chebbi shows you how to perform Hadoop forensics. You will learn about…
  • Cloud Forensics: Box

    It seems we really enjoy forensicating desktop apps for cloud services. Last week we start…
  • The Magic of Raw Data Carving

    You have used all of the utilities in your expensive forensic suite, and other programs to…
Load More Related Articles
Load More In Presentations

Leave a Reply

Your email address will not be published. Required fields are marked *