Releases: pjrinaldi/wombatregistry
Wombat Registry v0.8
Happy to announce the release of wombat registry v0.8
Fixed in this release:
- launching a hive from the command line now doesn't prevent a user from then opening another hive using the Open Hive button
- Fixed report generation so it is generated when the report is open, not just when the preview window is open. This ensures you can generate a report without previewing the report.
Improvements in this release:
- added a close button to the gui so you can remove a selected open hive.
Wombat Registry v0.7
Happy to announce the release of wombat registry v0.7
Fixed in this release:
- when adding an item to the report, I fixed the item end dashed line length, as it was the length of the content rather than the width of the offset/hex/ascii binary content.
Improvements in this release:
- launch wombatregistry from the command line with an optional registry file to load on launch.
- added autoresizing for tag column and the name column if there is content which is larger than the header.
Wombat Registry v0.6
Happy to announce the release of wombat registry v0.6
Fixed in this release:
- modifying tag name updates the existing tag names in the value table.
- fixed the similar tag names count in reporting, so the counts are correct now.
- fixed values in the value table when you two registry keys loaded with the same name
- fixed the binary display which was missing some content for shorter entries
- Aligned the value name contents as left aligned
Improvements in this release:
- Added key up/down to value table,
- Added parsing wordwheelquery
- Added parsing opensavepidlmru
- Added parsing usbstor to include first install, last connected, and last removal
- Added parsing mounteddevices
- Added parsing values with "Date" or "Time" in the name
- Added parsing all the userassist ROT13 values
- Added the registry file name (SYSTEM, NTUSER.DAT, etc) to the status bar so when multiple are loaded, you can tell which one
- Added hourglass when opening a hive which takes a while to load
- Added parsing timezoneinformation and select
- Automatically select the first value when you select a key
Wombat Registry v0.5
This release includes a major gui toolkit shift from Qt5 to Fox Toolkit. This was prompted by the debug version working and the release version crashing and debugging the release version being a pain. This is the 1st release of the fox toolkit version, but with my initial testing, everything is working fine. You can generate a plain text or html report and preview a plain text version of the report.
The binary should be self contained and just run, or you can compile from source, but you will need to download the fox toolkit 1.7.81 version and libregf before you can compile wombat registry.
If you run into any issues while testing let me know.
Wombat Registry v0.4
Added minimal content parsing of recent docs entries, so it gets the file name, also parse the mrulistex for recent docs. Fixed the display of binary content when that content is less than 16 bytes, as it wasn't displaying. Also modified the reporting since i didn't like the multi page report, which is more suitable for wombat forensics but not for a stand alone tool. It is now a single html page, and can probably use improvement, but is much better now for a v0.4 release.
Wombat Registry v0.3
Minor update which has the open hive directory browser start in the folder where a hive was previously opened.
Wombat Registry v0.2
v0.2 is out with ability to open multiple hives at once and have the path in the root item so you know which hive is which.
Wombat Registry v0.1
Initial Release for the standalone registry viewing and reporting that runs on linux. Uses libregf, but it is statically linked, so other than having qt5 installed, I don't think there are any other dependencies.