Skip to content
/ regffs Public

📇 A Windows registry (regf) io/fs file system

License

MIT license
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

forensicanalysis/regffs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits

.github

.github

 
 

cmd/regffs

cmd/regffs

 
 

testdata

testdata

 
 

.gitignore

.gitignore

 
 

.goreleaser.yml

.goreleaser.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

example_test.go

example_test.go

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

regf.ksy

regf.ksy

 
 

regf.ksy.go

regf.ksy.go

 
 

regffs.go

regffs.go

 
 

regffs_test.go

regffs_test.go

 
 

Repository files navigation

regffs

doc

Read Windows registry files (regf) as io/fs.FS.

Example

func main() {
	f, _ := os.Open("testdata/SYSTEM")

	// init file system
	fsys, _ := regffs.New(f)

	// print all paths
	b, _ := fs.ReadFile(fsys, "ControlSet001/Control/ComputerName/ComputerName/ComputerName")
	s, _ := regffs.DecodeRegSz(b)
	fmt.Println(s)
	// Output: WKS-WIN732BITA
}

License

testdata is from https://github.com/log2timeline/plaso and therefore licenced under Apache License 2.0. The remaining files are MIT licensed.

About

📇 A Windows registry (regf) io/fs file system

Topics

iofs

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

4 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 2

v0.1.1 Latest
Apr 26, 2022
+ 1 release

Contributors 3

  •  
  •  
  •  

Languages