What is this?
The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup is released under the GNU GPL, and is implemented in ANSI C. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.
Where do I learn more?
See the main project site. You'll find official releases there and more documentation.
What if I have trouble?
Is this project maintained anymore?
RegLookup is largely feature-complete for what we wanted to accomplish. So the releases are infrequent (typically only when bugs crop up), but the project is still maintained.
How do I contribute?
We love contributions. To submit a patch, please check out the latest revision with:
svn co https://code.blindspotsecurity.com/dav/reglookup/
Then apply your changes and run "
svn diff". Save the resulting diff and attach it to a ticket.