source: doc/references.txt @ 191

Last change on this file since 191 was 169, checked in by tim, 15 years ago

filled in additional, minimal documentation

File size: 1.4 KB
Line 
1- The Windows NT Registry File Format
2  (A work in progress to support this tool.)
3  http://sentinelchicken.com/research/registry_format/
4
5- Recovering Deleted Data From the Windows Registry
6  (The research that is implemented as a PoC in reglookup-recover.)
7  http://sentinelchicken.com/research/registry_recovery/
8
9- Petter Nordahl-Hagen.  Windows NT registry file format description.
10  (The file 'winntreg.txt' included in this distribution is derived from this.)
11  http://home.eunet.no/~pnordahl/ntpasswd/WinReg.txt
12
13- Nigel Williams.  Much of the same information as provided in 'winntreg.txt',
14  but with some code:
15  http://www.wednesday.demon.co.uk/dosreg.html
16
17- Some useful information on how Windows reads from and writes to registry
18  hives:
19  http://www.microsoft.com/technet/archive/winntas/tips/winntmag/inreg.mspx
20
21- Registry key, value, and depth limits:
22  http://msdn2.microsoft.com/en-us/library/ms724872.aspx
23
24- Misc references for windows registry permissions and ownership:
25  http://msdn2.microsoft.com/en-gb/library/ms724878.aspx
26  http://technet2.microsoft.com/WindowsServer/en/library/86cf2457-4f17-43f8-a2ab-7f4e2e5659091033.mspx?mfr=true
27  http://msdn2.microsoft.com/en-gb/library/aa374892.aspx
28
29- ACL/ACE flags information
30  http://support.microsoft.com/kb/220167
31  http://msdn2.microsoft.com/en-us/library/aa772242.aspx
32
33- Info on SAM hive, syskey, and hash extraction (with tools bkhive and samdump2):
34  http://www.studenti.unina.it/~ncuomo/syskey/
Note: See TracBrowser for help on using the repository browser.