What is this?

The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup is released under the GNU GPL, and is implemented in ANSI C. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.

Where do I learn more?

See the main project site. You'll find official releases there and more documentation.

What if I have trouble?

Ask for help on the development mailing list or submit a ticket.

Is this project maintained anymore?

RegLookup is largely feature-complete for what we wanted to accomplish. So the releases are infrequent (typically only when bugs crop up), but the project is still maintained.

How do I contribute?

We love contributions. To submit a patch, please check out the trunk, apply your changes and run "svn diff". Save the resulting diff and attach it to a ticket.