Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

Introducing AboutDFIR’s Registry Explorer/RECmd Guide

Greetings everyone! I’ve been working on a detailed guide geared towards LE/Private Sector examiners who’ve never used Registry Explorer/RECmd before as well as anyone looking to learn what the tool is all about. Learning a new tool is intimidating and can be frustrating, but hopefully this guide will make things easier.

The Registry Explorer/RECmd Guide comes on the heels of the previous guides I put together recently: KAPE and Timeline Explorer . All guides, current and future, can also be located in the site’s recently redesigned menu via Tools & Artifacts -> Tools -> <Tool>. This will also be home to the rest of the EZ Tools suite as I get around to making guides like this. I will follow this same format and the endgame is to have all of the EZ Tools covered in depth in this same format. These guides combined can serve as a great starting point for any examiner to get analysis underway and answers fast. If you like this, please let me know. If there’s something missing here with this format or the guides I’ve previously put together, let me know!

Also, I would like to extend my appreciation (again) for those who took a look at this before it went live and provided invaluable feedback. You know who you are and I apologize in advance for the future guides I’m going to have you look over 🙂

Related Posts