Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update RegTester #39

Merged
merged 3 commits into from
Feb 2, 2015
Merged

Update RegTester #39

merged 3 commits into from
Feb 2, 2015

Conversation

NiKiZe
Copy link
Contributor

@NiKiZe NiKiZe commented Feb 1, 2015

  • To work with current code,
  • Explained lines on non match in hive.
  • Change reg parsing of MultiSZ

@NiKiZe
Copy link
Contributor Author

NiKiZe commented Feb 1, 2015

PR as promised in #38
Will happily change anything that does not fit, and also do more testing if there is any historic examples of what needs to be tested.

@williballenthin
Copy link
Owner

This is great! The script had fallen out of use (for no good reason), but these fixes should encourage us to test more consistently.

williballenthin added a commit that referenced this pull request Feb 2, 2015
@williballenthin
Merge pull request #39 from NiKiZe/RegTesterUpdate
fdeaded 
Update RegTester

  - To work with current code
  - Explained lines on non match in hive.
  - Change reg parsing of MultiSZ
@williballenthin williballenthin merged commit fdeaded into williballenthin:master Feb 2, 2015
@williballenthin
Copy link
Owner

Here's an idea I had been kicking around for a while that would obviate the need for much of this file...

developing a second backend to python-registry that operates over .reg files. So it exposes the familiar RegistryKey/RegistryValue interface, but the underlying data comes from a .reg export. This file format might be more accessible to those who can't immediately take a forensic image, or otherwise unlock hive files.

With this second backend, it would be trivial to do the testing comparison.

What do you think of this idea? Do you think it would be worth the effort of implementation?

@NiKiZe
Copy link
Contributor Author

NiKiZe commented Feb 2, 2015

Thanks!
I agree a backend that supports .reg files instead of hives, but works in the same way on an interface level would be great. (if/when there is write support the export function mentioned in #4 should be using this as well).

For now however my priority is in reg dissection and minimal write support - or more correctly "build" or "export to hive" implementation. But the reg format would probably simplify this as well.

@NiKiZe NiKiZe deleted the RegTesterUpdate branch February 2, 2015 20:54
@NiKiZe NiKiZe mentioned this pull request Feb 4, 2015
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@NiKiZe @williballenthin