dissect.regf.regf
#
Module Contents#
Classes#
Functions#
Adapted function to read null terminated wide strings. |
|
Attributes#
- dissect.regf.regf.log#
- dissect.regf.regf.PY37#
- class dissect.regf.regf.RegistryHive(fh)#
- root()#
- read_cell_data(offset)#
- read_cell(offset)#
- parse_cell_data(data)#
- cell(offset)#
- open(path)#
- walk()#
- class dissect.regf.regf.NamedKey(hive, data)#
- property subkey_list#
- property path#
- property timestamp#
- subkeys()#
- subkey(name)#
- values()#
- value(name)#
- __repr__()#
Return repr(self).
- class dissect.regf.regf.KeyValue(hive, data)#
- property type#
- property data#
- property value#
- parse_value()#
- __repr__()#
Return repr(self).
- dissect.regf.regf.decode_name(blob, size, is_comp_name)#
- dissect.regf.regf.try_decode_sz(data)#
- dissect.regf.regf.read_null_terminated_wstring(stream, encoding='utf-16-le')#
Adapted function to read null terminated wide strings.
The cstruct way raises EOFError when the end of the stream is reached. This is fine, but not what we want for this particular implementation.
- dissect.regf.regf.isascii(byte_string)#
- dissect.regf.regf.hashname(name)#
- dissect.regf.regf.xor32_crc(data)#