Sunday, March 30, 2014

Daily Blog #280: Sunday Funday 3/30/14

Hello Reader,
It's Sunday Funday time! Let's see if you are up for this week's challenge. If you watched the Forensic Lunch on Friday, you would have heard Vico Marziale talk about Registry Decoder. Let's see how well you know your registry forensic tools in this week's challenge.

The Prize:
A $200 Amazon Gift Card



The Rules:
  1. You must post your answer before Monday 3/31/14 8AM CST (GMT -5)
  2. The most complete answer wins
  3. You are allowed to edit your answer after posting
  4. If two answers are too similar for one to win, the one with the earlier posting time wins
  5. Be specific and be thoughtful 
  6. Anonymous entries are allowed; please email them to dcowen@g-cpartners.com. Please state in your email whether or not you would like to remain anonymous if you win.
  7. In order for an anonymous winner to receive a prize, they must give their name to me, but I will not release it in a blog post

The Challenge:
Compare the following registry forensic tools: Registry Decoder, RegRipper and Yaru, and document the following:
1. What do they do differently?
2. What approach do they take to registry analysis?