RegFileExport – Tool to Extract Offline Registry Data

Windows operating system registry is a database that include important information for incident handling. Information may include connected USB or device to the system, update to system settings, new application installed and more. If you are looking to analyze raw reg file you can check RegFileExport.

This forensic small console application allows you to easily extract data from offline Registry file located on another disk drive.RegFileExport read the Registry file, analyze it, and then export the Registry data into a standard .reg file of Windows. You can export the entire Registry file, or only a specific Registry key.

RegFileExport – Tool to Extract Offline Registry Data

The tool may also be able to export some of the Registry data even when the Registry file is corrupted and cannot be loaded by Windows. You can as well  export sensitive and secret data that is only available for ‘SYSTEM’ account, like the password/security information stored in SECURITY and SAM Registry hives.

You can read more and download this tool over here:

Notify of
Inline Feedbacks
View all comments