Binary package “reglookup” in ubuntu disco

utility to analysis for Windows NT-based registry

 RegLookup is a system to direct analysis of Windows NT-based registry
 files providing command line tools, a C API, and a Python module for
 accessing registry data structures. The project has a focus on providing
 tools for digital forensics investigations (though is useful for many
 purposes), and includes algorithms for retrieving deleted data structures
 from registry hives.
 Currently the program allows one to read an entire registry and output it
 in a (mostly) standardized, quoted format. It also provides features for
 filtering of results based on registry path and data type. The package
 provides the following commands: reglookup, reglookup-recover and