Example Usage
usage: regrip.py [-h] [--system SYSTEM] [--software SOFTWARE] [--sam SAM]
                 [--ntuser NTUSER] [--usrclass USRCLASS] [--root ROOT]
                 [--all-user-hives] [--backups] [--verbose] [--bodyfile]
                 [--list]
                 plugin_name

Extract information from Windows Registry hives

positional arguments:
  plugin_name           Name of the plugin to run

optional arguments:
  -h, --help            show this help message and exit
  --system SYSTEM, -y SYSTEM
                        Path to the SYSTEM hive. Overrides --root and the
                        REG_SYSTEM environment variable
  --software SOFTWARE, -o SOFTWARE
                        Path to the SOFTWARE hive. Overrides --root and the
                        REG_SOFTWARE environment variable
  --sam SAM, -a SAM     Path to the SAM hive. Overrides --root and the REG_SAM
                        environment variable
  --ntuser NTUSER, -n NTUSER
                        Path to the NTUSER.DAT hive. Overrides the REG_NTUSER
                        environment variable
  --usrclass USRCLASS, -u USRCLASS
                        Path to the UsrClass.DAT hive. Overrides the