Tux beats windows
Site Informations
Gillen Daniel

What is fred?
Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor. This project was born out of the need for a reasonably good registry hive viewer for Linux to conduct forensic analysis. Therefore it includes some functions not found in normal "free" registry editors like a hex viewer with data interpreter and a reporting function that can easily be extended with custom ECMAScript report templates.


Main window with node tree, key list, hex viewer and data interpreter

Report selector / Report viewer

New features in beta5:
  - Write support added (per default, all hives are opened read-only).
  - Large UI improvements.
  - More reports added.

System requirements:
  - Qt 4.6 or above
  - Windows XP or above

The easiest way is to follow the instructions under "Community -> DEBIAN PKG SERVER" and then execute "sudo aptitude install fred fred-reports". If you want / need to build the source, get it below and follow the instructions contained in the README file.

If you are using Windows, get Linux! :-p Ok ok, you may also download / execute the installer available below and follow the on-screen instructions.

Please see my bug tracker

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Debian packages: See "Community -> DEBIAN PKG SERVER"
Windows installer: fred-0.1.0beta4-win32.exe (SHA256: 42ca6440caa48b9a0b590cd75913bc7203aaf61d39ceec9e04e86750eea02e02)
Source: fred-0.1.1.tar.gz (SHA256: 3371abc0c894a23e475c89c4bd4a2b0077add8d4bdcbbcffb80a78cdcc12c4af)
Source: Git repository
Docs: fred_report_engine_reference.pdf