O'Reilly logo

Windows Forensic Analysis Toolkit, 4th Edition by Harlan Carvey

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5

Registry Analysis

The Windows Registry is a veritable treasure trove of data that can be valuable, or even critical, to an investigation. As such, analysts need to have some familiarity with the Registry, and what can be found within the various hive files. Other resources have provided considerable background information on the Registry itself, as well as what can be found within the Windows XP Registry hive files. Every new version of Windows brings a new application-level structure to the Registry, and this information needs to be explored, documented, and understood.

Keywords

Registry; hive

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required