Fred -Forensic Registry EDitor

Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor. This project was born out of the need for a reasonably good registry hive viewer for Linux to conduct forensic analysis.

The tool includes some functions not found in normal “free” registry editors like a hex viewer with data interpreter and a reporting function that can easily be extended with custom ECMAScript report templates.

Fred -Forensic Registry EDitor
Fred -Forensic Registry EDitor

The reporting features allows users to write their own report templates to extract often used information from registry hives and represent it in a nicely formated report. This may for example be such simple information like the used Windows version or more complex information like all user accounts.

You can read more and download this tool over here:

Notify of
Inline Feedbacks
View all comments