Credentials in Registry
Internal recon, hunting for passwords in Windows registry
Execution
Scanning registry hives for the value password
:
attacker@victim
Observations
As a defender, you may want to monitor commandline argument logs and look for any that include req query
and password
strings:
References
Last updated