Registry Analysis

Abstract

This chapter provides an overview of what Registry analysis should consist of and provides an initial foundation for understanding the binary and logical structure of the Windows Registry.

Keywords

Analysis; Keys; Locard; Registry; Structure; Values

Information in this chapter

• Core Analysis Concepts

• What is the Window Registry?

• Registry Structure

Introduction

The Windows Registry is a core component of the Windows operating systems, and yet when it comes to digital analysis of Windows systems, is perhaps the least understood component of a Windows system. This may be due to how little information seems to have been written on the subject; however, if you spend just a little time looking ...

Get Windows Registry Forensics, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows Registry Forensics, 2nd Edition by Harlan Carvey

Registry Analysis

Abstract

Keywords

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly