python-registry
python-registry copied to clipboard
williballenthin
Pure Python parser for Windows Registry hives.
Hello Willi 👋 This PR enables `setup.py` to install some of the sample applications into the `$PATH`, that way, they are directly available after a `pip install` without having to...
The most recent release on PyPI ([1.3.1](https://pypi.org/project/python-registry/)) is one minor version behind the current 1.4, which is only available here on Github. There must be countless deployments and projects out...
Hi, it would pe possible use regipy as library to parse recursively all windows hive and get json of each hive?
When I use library to parse Windows AppCompatCache which is a RegBinary item in Python 3.7 environemnt,it returns a strd bytearray. For example: ``` reg = open=Registry.Registry("/tmp/tempfile/im_3_k5cdo_p4_/Windows/System32/config/SYSTEM").open("ControlSet001\\Control\\Session Manager\\AppCompatCache") value1=open.value("AppCompatCache") print("AppCompatCache...
Some registry hives can be as large as 2GB. Maybe not a big issue for most people, but also not difficult to fix. I went with the following solution using...
python-registry is awesome ! I only have a some errors on reading the values on some keys, trying to read out the complete registry. Operating System is Windows 10 ,...
While running amcache.py against collected Amcache.hve files no entries are parsed out. I encountered this only on Windows 10 10.0.16299 Versions. I'm only assuming that the 10.0.16299 also changed something...
Greetings Credits to the team for creating and maintaining this wonderful library. It is really useful for working with registry files using python. I worked with the reg_export.py script and...
Hello, It fails while decoding value.value() ... (Registry hive taken from Windows 7) - Faulty value:`b'\x00\x00\xd1w\x03\x00\x00\x00\xec\xa8\xcdw\x089l\x00\x88\xef\xd1\x01\xa9\xdb\xcfw\x089l\x00\x8cEl\x00\x96\x00\x00\x00l\xf2\xd1\x01\x00\x00\x00\x00\x00\x00\x00\x00\x9e\x00\x00\x00\xf0\xf1\xd1\x01{k\xcfw\xd0\xef\xd1\x01\x90\xf2\xd1\x01\x00\x00\x00\x00l\xf2\xd1\x01\x80El\x00\xd7\xa8\xcdw.\x00\x00\x00\x01\x00\x00\x00@\x96l\x00\xcc\xef\xd1\x01p\xe7l\x00\x01\x00\x00\x00\x88\xe8l\x00\xdc\xef\xd1\x01\x00\x00\x00\x00\x98\xf5l\x00\x9e\x00\xa0\x00\x84El\x00\x90\xf2\xd1\x01\xf0\xef\xd1\x01\xad\x14\xf8u\x00\x00f\x00\x00\x00\x00\x00\x90\xe8l\x00\x04\xf0\xd1\x01Z\x12\x19v\x00\x00f\x00\x00\x00\x00\x00\x90\xe8l\x00\xa1\xfb\xcbw\xb0\x0f2v\x84\x02\x00\x00\x00\x00\x00\x00 \xf0\xd1\x01\x8f!\x19v\x84\x02\x00\x00\xbc\xf2\xd1\x01\x16"\x19v\x80\'\x19v\xae|0\xf1(2k\x00(2k\x004\x03\xe8u\x00\x00\x00\x00(\xf0\xd1\x01\x00\x00\x00\x00\x01\x00\x00\x00\xb8\x96l\x00r\xca\xf8\x86\x00\x00\x00\x00\x00\x00\x00\x00\x90\xe8l\x00\x00\x00\x00\x008\xe8l\x00\xc0\xf0\xd1\x01\x8c\x98\xddu\x00\x00\x00\x00\x01\x00\x00\x00\xff\xff\xff\xff\xf0\xdel\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe8\xafm\x00\xf0\xdel\x00\x01\x00\x00\x00\xa44ak\x00\x00\x00\x00g\x90gw\x08\xf5\xd1\x01[\xeagw\xf8\xf4\xd1\x01U\x00S\x00B\x00\\\x00V\x00I\x00D\x00_\x008\x000\x008\x007\x00&\x00P\x00I\x00D\x00_\x000\x007\x00D\x00C\x00\\\x005\x00&\x00]\x01\xccw\x00\x00f\x00\xf88l\x00\x00\x00\x00\x00\x07\x00\x00\x07\x00\x00\x00\x00\xa89l\x00\xb81k\x00\xd0\x96m\x008\x00\x00\x00\x00\x00f\x00\x00\x00\x00\x10\xf88l\x00\x14\xf2\xd1\x01\xce8\xcdw8\x01f\x00\xaa8\xcdw\x11\xa2\nv\x00\x00\x00\x00\x00\x00f\x00\x009l\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1b\x00\x00\x00\x00\x00'` ``` Traceback (most recent call last): ... self.content = Value.value() File "/frameworks/virtualenvs/.../Registry.py", line...
Metadata
Owner
Metadata
Pure Python parser for Windows Registry hives.