The Windows Registry isn’t the backbone of Windows. Still, you could argue that the registry hives are the arteries of the Windows anatomy. Instead of controlling the blood flow, the hives control how Windows operates by storing various configurations. But that isn’t all the registry is good for. Both defenders and attackers can make use of the repository for their own ends: the blue team can find forensic artifacts and the red team can create persistence.
In this blog, we explore the architecture of the Windows 10 Registry and what it means to an infosec practitioner.
Maybe it was just me, but when I first started pen testing, I thought my goal was to do cool hacks and show the client how awesome I could be. Seriously, I couldn’t be the only one who thought this. It could just be that we work so hard and learn so many things that we believe that our job is to show off our skills.
To some degree, that’s true. But I think that problems arise when we hold on to that belief too rigidly. When we hit a lull in our career, fail to compromise multiple clients in a row, or feel that we aren’t growing fast enough compared to our peers, it can lead to many negative emotions: impostor syndrome, depression, feeling like a failure.