Course Curriculum

    1. Welcome to Windows Registry

    2. Windows Registry

    3. The Structure of Windows Registry

    4. Check Your Knowledge

    1. Extract Hives through Command Line - Live System

    2. Extract Hives through Registry Editor - Live System

    3. Extract Hives through FTK Imager - Live System

    4. Extract Hives through FTK Imager - Disk Image

    1. Registry Explorer

    1. RegRipper

    2. Using the RegRipper GUI

    3. RegRipper Command Line Tool

    1. Autoruns

    2. Download and Live System Analysis

    3. Saved Hive / Offline Analysis

    1. Investigating Windows Registry Hives: System Artifacts

    2. Basic System Information

    3. Basic System Information - Cont..

    4. Check Your Knowledge

About this course

  • $50.00
  • 33 lessons
  • 0 hours of video content

6 CPE Credits

After completing this course, you will earn:

Learning Outcomes

After completing this course, you will learn the following:

  • Understand the structure and importance of the Windows Registry

  • The ability to extract system hives on a Windows machine

  • The ability to install and use forensic software to analyze system hives

  • Learning locations of various important forensic artifacts

Technical Requirements

For the hands-on labs in this course

  • Windows operating system (recommended Windows 10)

  • Internet connection

  • Installation of Registry Explorer/recmd

  • Installation of RegRipper

  • Installation of Autorun

What is next at Cyber 5W?

Add your email to the mailing list to get the latest updates

Thank You