Regipy: Automating registry forensics with Python, presented at BSidesTLV 2020

by Martin Korman

Summary: Regipy is an OS-independent Python library for parsing offline registry hives. Regipy can be used to parse registry hives at scale (collected from hundreds of machines), and a lot of interesting data analysis can be done on the results, as I intend to show in the demo. The demo would be very practical and show how the results of Regipy can be useful to crack a forensic case. (See a small example in the blog post attached.)