Generates interactive forensic reports from RegEx-acquired evidence, including registry hives, USB artifacts, Prefetch metadata, and acquisition logs. Uses Python + Jinja2 for automated Windows forensics reporting.
Understanding what forensic artifacts are present in the Windows and Linux Operating Systems, how to collect them, and leverage them to investigate security incidents.
Hive2CSV Live is a professional Windows registry forensics tool designed to extract data from registry hives (NTUSER.DAT, SYSTEM, SOFTWARE, etc.) and convert it into a clean, structured CSV format optimized for AI‑assisted analysis using LLMs such as Google Gemini and ChatGPT.
RegEx is a portable Windows Registry Acquisition tool designed for forensic investigators. It runs directly from a USB device, requires no installation, and extracts targeted registry hives using predefined acquisition profiles. Built for speed, reliability, and zero-footprint operation.
Add a description, image, and links to the registry-forensics topic page so that developers can more easily learn about it.
To associate your repository with the registry-forensics topic, visit your repo's landing page and select "manage topics."