Author: Andrew Case

Total time: 10 minutes

Registry Decoder is an open source forensics tool that performs automated acquisition and analysis of registry hives. In this module we explore the timelining, differencing, and path-based features of Registry Decoder. In the lab you will be given a pre-processed Registry Decoder case and will then answer questions based on your investigation with Registry Decoder.

