Skip to main content
Back to All Trainings
Training

Windows Registry Forensic Analysis

Windows Registry Forensic Analysis

Training Overview

The "Windows Registry Forensic Analysis" training comprehensively teaches how to analyze the Windows Registry in forensic investigations and extract digital evidence. The training covers the fundamental structure and function of the Registry, introducing the tools and techniques used in the collection and analysis of digital evidence.

What You Will Learn

  • The structure of the Windows Registry and the role of hives.
  • How to use tools like Registry Explorer and RegRipper for analysis.
  • How to find evidence of program execution, user activity, and persistence mechanisms.
  • How to analyze artifacts like UserAssist keys.

Who is this for?

  • Digital Forensic Investigators.
  • Incident Responders.
  • Malware Analysts.

Prerequisites

  • A solid understanding of the Windows operating system.
  • Prior experience with forensic principles is recommended.

Tools You Will Use

  • KAPE
  • FTK Imager
  • Registry Explorer
  • RegRipper

Training Sections

  • Introduction
  • KAPE
  • FTK
  • Registry Explorer
  • UserAssist
  • RegRipper
  • Exam

Get Started

Unlock the skills to get ahead. Your training starts now.Start Training Now