I've mentioned here before that I'm a big fan of Volatility for analyzing memory images.  In fact, Volatility plays a big part in my upcoming paper on automating malware behavioral analysis (more on that soon).  I'm also a fan of Harlan Carvey's RegRipper, a set of Perl scripts for parsing the Windows registry.  A couple of weeks ago, Brendan Dolan-Gavitt mentioned in his blog that it would be cool to be able to use RegRipper on the in-memory copy of the registry.  Well, today, he posted a way of using RegRipper and Volatility together to do just that.  Very cool, check it out.