This article has been indexed from Windows Incident Response
Over the years, every now and then I’ve taken a look around to try to see where RegRipper is used. I noticed early on that it’s included in several security-oriented Linux distros. So, I took the opportunity to compile some of the links I’d found, and I then extended those a bit with some Googling. I will admit, I was a little surprised to see how far RegRipper has gone over time, from a “here, look at this” perspective.
Not all of the below links are current; some are several years old. As such, they are not the latest and greatest; however, they may still apply and they may still be useful/valuable.
RegRipper on Linux (Distros)
Kali, Kali GitLab
SANS SIFT
CAINE
Installing RegRipper on Linux
Install RRv2.8 on Ubuntu
CentOS RegRipper package
Arch Linux
RegRipper Docker Image
Install RegRipper via Chocolatey
Forensic Suites
Something I’ve always been curious about is why the value of RegRipper being incorporated into and maintained through a forensic analysis suite isn’t more of “a thing”, but that fact doesn’t prevent RegRipper and tools like it from being extremely valuable in a wide range of analyses.
RegRipper is accessible via Autopsy
OSForensics Tutorial
Launching RegRipper via OpenText/EnCase
When I worked for Nuix, I worked with Dan Berry’s developers to Distros and RegRipper