Windows Registry and RAM Readiness Storage (W3RS)
This tool was designed for research in the field of Digital Forensics.
This prototype solution was created with Digital Forensic Readiness processes for secure storage and retrieval of potential digital evidence. The solution is generic and can be used for any application that requires secure storage. A built-in API allows integration with any system or tool. From the admin panel you can create and manage API keys and routes.
This prototype tool is the secure storage engine for the overall Ransomware Readiness Framework (2RF) (publications below). Significant setup is required to get the analysis engine up and running. The
This tool can be run from a Docker container built using the Dockerfile. Alternatively, you can clone this repository and install the Python requirements. It is recommended that you run it in a virtual environment to further ensure compatibility and added security. More details on this can be found in the
git clone email@example.com:AvinashSingh786/W3RS.git
cd W3RS
pip install -r requirements.txt
Run the following commands to configure and run the engine.
(venv)$ python manage.py createsuperuser             # Create a superuser that you will use as the admin
(venv)$ python manage.py makemigrations              # This sets up the storage engine and databases
(venv)$ python manage.py migrate                     # This creates the databases and interfaces
(venv)$ python manage.py runsslserver 0.0.0.0:8000   # Start the development HTTPS server on all interfaces, port 8000
If you plan on using this tool in production please change the following in the settings.py file:
- Windows 10
- Windows 8.1
- Windows 7
- Windows XP
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
- Bug reports.
A. Singh, A. R. Ikuesan, and H. S. Venter, “Digital Forensic Readiness Framework for Ransomware Investigation,” in Digital Forensics and Cyber Crime, 2019, pp. 91–105.
A. Singh, A. Ikuesan, and H. Venter, “A context-aware trigger mechanism for ransomware forensics,” 14th Int. Conf. Cyber Warf. Secur. ICCWS 2019, pp. 629–638, 2019.