PyCon Pune 2017

A conference on the Python programming language

Hemant Kumar

@xcodehack

Registry Forensic

Submitted Nov 28, 2016

I have developed a tool that first fetches the current registry hives from the system and old registry hives (by enumerating Volume Shadow Copies or the RegBack folder) and then compares the changes made in the registry for any malware-related incident. I have used multithreading, multiprocessing and dynamic HTML generation concepts heavily in this project.

Outline

The RegDiffer tool first fetches the current registry hives from the system and old registry hives (by enumerating Volume Shadow Copies or the RegBack folder), then compares the two snapshots to surface the changes made to the registry during a malware-related incident.
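The hive comparison the outline describes, as an added example that is not the RegDiffer code from the talk: the tool itself reads the binary hives (SYSTEM, SOFTWARE, NTUSER.DAT and so on) from the live system, from Volume Shadow Copies and from C:\Windows\System32\config\RegBack, whereas this stand-alone sketch diffs two snapshots in `reg export` text format, which carries the same key/value/data triples and needs no hive parser. The `Change` and `diff_snapshots` names, the list of autorun prefixes and both snapshots are constructed for the example and are not from the talk.

```python
# Added example, not the talk's RegDiffer code. The talk's tool reads binary
# hives (live plus older copies from Volume Shadow Copies or RegBack); to run
# offline this diffs two snapshots in `reg export` text format instead.
import re
from dataclasses import dataclass
from typing import Dict, List, Optional
Snapshot = Dict[str, Dict[str, str]]  # key path -> {value name: raw data}

# Added/modified data under these prefixes is a classic persistence indicator;
# prefix matching deliberately also covers RunOnce and every Services\<name>.
AUTORUN_PREFIXES = tuple(p.upper() for p in (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services",
))
_VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')  # "name"=data


def parse_reg_export(text: str) -> Snapshot:
    """Flatten a .reg export into {key: {value_name: raw data}}; empty keys are kept."""
    snap: Snapshot = {}
    text = re.sub(r"\\\r?\n[ \t]*", "", text)  # rejoin hex data wrapped with '\'
    current: Optional[Dict[str, str]] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] == ";" or line.startswith("Windows Registry Editor"):
            continue
        if line[0] == "[" and line[-1] == "]":
            current = snap.setdefault(line[1:-1], {})
        elif current is not None and line.startswith("@="):  # key's default value
            current["@"] = line[2:]
        elif current is not None and (m := _VALUE_LINE.match(line)):
            name = re.sub(r"\\(.)", r"\1", m.group(1))  # unescape \" and \\
            current[name] = m.group(2)  # raw RHS: "...", dword:..., hex(2):...
    return snap


@dataclass(frozen=True)
class Change:
    kind: str  # key_added | key_removed | value_added | value_removed | value_modified
    key: str
    name: Optional[str]  # None for whole-key events
    old: Optional[str]
    new: Optional[str]

    @property
    def suspicious(self) -> bool:
        """New or changed data under an autorun location; removals are not flagged."""
        return self.kind not in ("key_removed", "value_removed") and self.key.upper().startswith(AUTORUN_PREFIXES)


def diff_snapshots(old: Snapshot, new: Snapshot) -> List[Change]:
    # old = the RegBack / shadow-copy snapshot, new = the live system
    changes: List[Change] = []
    for key in sorted(set(old) | set(new)):
        if key not in old:
            changes.append(Change("key_added", key, None, None, None))
            changes += [Change("value_added", key, n, None, d) for n, d in sorted(new[key].items())]
        elif key not in new:
            changes.append(Change("key_removed", key, None, None, None))
        else:
            ov, nv = old[key], new[key]
            for name in sorted(set(ov) | set(nv)):
                if name not in ov:
                    changes.append(Change("value_added", key, name, None, nv[name]))
                elif name not in nv:
                    changes.append(Change("value_removed", key, name, ov[name], None))
                elif ov[name] != nv[name]:
                    changes.append(Change("value_modified", key, name, ov[name], nv[name]))
    return changes


# Constructed sample input: OLD is the RegBack/VSS copy, NEW the live export.
OLD_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMware User Process"="\"C:\\Program Files\\VMware\\VMware Tools\\vmtoolsd.exe\" -n vmusr"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
"UBR"=dword:000002f5

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp]
"Start"=dword:00000002
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,00,00
"""
# Live: VMware autorun gone, new "Updater" autorun, benign UBR bump, new service.
NEW_EXPORT = OLD_EXPORT.replace(
    r'"VMware User Process"="\"C:\\Program Files\\VMware\\VMware Tools\\vmtoolsd.exe\" -n vmusr"',
    r'"Updater"="\"C:\\Users\\Public\\Libraries\\update.exe\" /silent"',
).replace("dword:000002f5", "dword:00000321") + r"""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinUpdSvc]
"ImagePath"="C:\\Users\\Public\\Libraries\\update.exe"
"Start"=dword:00000002
"""

if __name__ == "__main__":
    for c in diff_snapshots(parse_reg_export(OLD_EXPORT), parse_reg_export(NEW_EXPORT)):
        print(f"{'!!' if c.suspicious else '  '} {c.kind:<15} {c.key}  {c.name or ''}  {c.old or ''} -> {c.new or ''}")
```

On the constructed input the differ reports six changes and flags four: the new `Updater` autorun value and the new `WinUpdSvc` service key with its two values, while the removed VMware entry and the `UBR` build-number bump stay unflagged. On a real host the live side comes from `reg export HKLM\SOFTWARE live.reg` (or from the hive files directly), the old side from a hive pulled out of a shadow copy (`vssadmin list shadows` enumerates them) or from the RegBack folder; note that since Windows 10 version 1803 RegBack is no longer populated by default, so on current systems the shadow-copy path is the one that usually yields an older hive.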

Requirements

Projector

Speaker bio

Senior Forensic Analyst, Cyber Incident Response Team, Accenture


Hosted by

PyCon Pune 2017