Re: [sleuthkit-users] Python/Jython and Windows registry analysis
From: Tim <tim...@se...> - 2015-04-17 15:34:01
On Thu, Apr 16, 2015 at 11:23:59PM +0000, James H Jr Jones wrote:
> We'd like to implement some existing Python Windows registry
> analysis scripts as Autopsy modules. As far as we can tell, the
> _winreg module is not implemented in Jython, so asking for
> recommendations on the best Python way to access the Windows registry
> from within Autopsy. Might accessing raw RegRipper output work, is
> there an alternative Jython module, or is there a better way? The
> script developers are a group of my students learning Python, so
> implementing the modules in Java isn't an option.

Hi Jim,

My regfi[1] C library has had python wrappers[2] for some time, but not sure if it would work with Jython. You could also parse reglookup[3] output which is quite structured and well-defined.

tim

1. http://projects.sentinelchicken.org/data/doc/reglookup/regfi/
2. http://projects.sentinelchicken.org/data/doc/reglookup/pyregfi/
3. http://projects.sentinelchicken.org/reglookup/download/
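The reglookup-parsing route suggested in the reply above, as an added example that is not part of the original message or of the reglookup project: a pure-Python parser (no `_winreg`, no C extension) that pulls autorun entries out of saved reglookup output. It assumes the CSV layout `PATH,TYPE,VALUE,MTIME` with special characters escaped as `%XX`; the function names and the sample lines are constructed for illustration.

```python
import re

_ESC = re.compile(r"%([0-9A-Fa-f]{2})")

def unescape(field):
    """Decode %XX escapes (assumed reglookup quoting) back to characters."""
    return _ESC.sub(lambda m: chr(int(m.group(1), 16)), field)

def parse_reglookup(lines):
    """Yield one dict of still-escaped fields per record, keyed by header name."""
    header = None
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line:
            continue
        cols = line.split(",")  # literal commas inside fields arrive as %2C
        if header is None:
            header = [c.strip().lower() for c in cols]
            continue
        if len(cols) != len(header):
            continue  # malformed row; a real module should log and count these
        yield dict(zip(header, cols))

def autoruns(records):
    """Return (value name, data) pairs stored under any .../CurrentVersion/Run key."""
    hits = []
    for r in records:
        if r["type"] == "KEY":
            continue
        # Split on the raw path first: a '/' inside a name is still %2F here,
        # so it cannot be mistaken for a path separator.
        key, _, name = r["path"].rpartition("/")
        if key.lower().endswith("/currentversion/run"):
            hits.append((unescape(name), unescape(r["value"])))
    return hits

# Constructed sample, not taken from a real hive.
SAMPLE = [
    "PATH,TYPE,VALUE,MTIME",
    "/Microsoft/Windows/CurrentVersion/Run,KEY,,2015-04-01 12:00:00",
    r"/Microsoft/Windows/CurrentVersion/Run/Updater,SZ,C:\Users\Public\upd.exe%2C-s,",
    r"/Microsoft/Windows/CurrentVersion/Run/a%2Fb,SZ,C:\tools\agent.exe,",
    "truncated line without enough fields",
    "/Microsoft/Windows/CurrentVersion/RunOnce,KEY,,2015-04-01 12:00:00",
]

if __name__ == "__main__":
    for name, data in autoruns(parse_reglookup(SAMPLE)):
        print("%s -> %s" % (name, data))
```

Because it relies only on `re` and string methods, the same code is intended to run under Jython 2.7 as well as CPython; check the header line of your reglookup version's output before relying on the column names.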