0PricingLogin
Ethical Hacking Academy · Lesson

The Registry

Keys and persistence.

What Is the Registry

The Windows Registry is a hierarchical database storing configuration for the OS, drivers, services, and applications.

For attackers it is a goldmine: persistence locations, stored credentials, and system settings all live here.

Hives and Root Keys

The registry is organized into root keys (hives):

  • HKLM - HKEY_LOCAL_MACHINE, system-wide settings.
  • HKCU - HKEY_CURRENT_USER, per-user settings.
  • HKCR, HKU, HKCC - classes, all users, current config.

All lessons in this course

  1. Windows Architecture
  2. The Registry
  3. Windows Authentication
  4. PowerShell for Attackers
← Back to Ethical Hacking Academy