diff --git a/resources/download/git.ps1 b/resources/download/git.ps1
index 67f0ba1..8135698 100644
--- a/resources/download/git.ps1
+++ b/resources/download/git.ps1
@@ -31,6 +31,7 @@ $repourls = `
     "https://github.com/pan-unit42/dotnetfile.git", `
     "https://github.com/reuteras/dfirws.wiki.git", `
     "https://github.com/rizinorg/cutter-jupyter.git", `
+    "https://github.com/Seabreg/Regshot.git", `
     "https://github.com/SigmaHQ/sigma.git", `
     "https://github.com/volexity/one-extract.git", `
     "https://github.com/volexity/threat-intel.git", `
diff --git a/setup/start_sandbox.ps1 b/setup/start_sandbox.ps1
index 45be5e2..f8acf70 100644
--- a/setup/start_sandbox.ps1
+++ b/setup/start_sandbox.ps1
@@ -145,6 +145,7 @@ Add-ToUserPath "$env:ProgramFiles\Notepad++"
 Add-ToUserPath "$GIT\ese-analyst"
 Add-ToUserPath "$GIT\Events-Ripper"
 Add-ToUserPath "$GIT\RegRipper3.0"
+Add-ToUserPath "$GIT\Regshot"
 Add-ToUserPath "$GIT\Trawler"
 Add-ToUserPath "$GIT\Zircolite\bin"
 Add-ToUserPath "$TOOLS\bin"
@@ -440,6 +441,7 @@ Add-Shortcut -SourceLnk "$HOME\Desktop\dfirws\OS\Windows\Thumbcache Viewer.lnk"
 New-Item -ItemType Directory "$HOME\Desktop\dfirws\OS\Windows\Registry"
 Add-Shortcut -SourceLnk "$HOME\Desktop\dfirws\OS\Windows\Registry\Registry Explorer.lnk" -DestinationPath "$TOOLS\Zimmerman\RegistryExplorer\RegistryExplorer.exe"
 Add-Shortcut -SourceLnk "$HOME\Desktop\dfirws\OS\Windows\Registry\RegRipper (rip).lnk" -DestinationPath "$POWERSHELL_EXE" -WorkingDirectory "$HOME\Desktop"
+Add-Shortcut -SourceLnk "$HOME\Desktop\dfirws\OS\Windows\Registry\RegShot.lnk" -DestinationPath "$POWERSHELL_EXE" -WorkingDirectory "$HOME\Desktop"
 
 # Programming
 New-Item -ItemType Directory "$HOME\Desktop\dfirws\Programming"