Skip to main content

Windows Security

Registry
•The registry is a hierarchical database that stores the values of variables in Windows and the applications and services that run on Windows. The operating system and other programs also use the registry to store data about users and about the current configuration of the system and its components.
•The registry is available whenever the system is running, programs that start and stop can keep persistent data in the registry.

Structure of the Registry
•Much of the registry consists of nested containers known as subtrees, keys, and subkeys, which are like folders.
•The actual data is stored in the registry entries, the lowest level element in the registry.
•The series of nested containers make up a path to each entry. Because entry names are unique only within a path, entries are referenced by their full registry path and name.

Subtree
•Subtrees are the root, or primary divisions, of the registry.
•The Windows Server 2003 registry is divided into five subtrees. Subtrees themselves do not contain configuration data; they contain the keys, subkeys, and entries in which the data is stored.
•Click the name of a subtree to see its description

Subtree
•HKEY_CLASSES_ROOT
•HKEY_CURRENT_USER
•HKEY_LOCAL_MACHINE
•HKEY_USERS
•HKEY_CURRENT_CONFIG
Hive Files
•The permanent parts of the registry are stored as a set of files called the hive files.
•You can find a list of locations for these files in the hivelist subkey in HKLM\SYSTEM\CurrentControlSet\Control.
•These files are saved in systemroot\System32\Config and updated with each login.
Hive Files
•They consist of the following files, which store four of the five keys in HKEY_LOCAL_MACHINE and one key in HKEY_USERS:
•SAM Contains information stored in the key HKLM\SAM about the Security Accounts Manager (SAM) service.
•SECURITY Contains the security information stoHive Files
•SOFTWARE Contains information stored in the key HKLM\SOFTWARE about the computer's software configuration.
•SYSTEM Contains information stored in the HKLM\SYSTEM about the computer's system configuration.
•DEFAULT Contains the default system information that is stored in the key HKEY_USERS\.DEFAULT.red in the key HKLM\SECURITY.

Registry Editor
•A utility by the filename regedit.exe that allows you to see, search, modify and save the registry database of Windows.
•Doesn’t validate the values you are writing: it allows any operation, so pay close attention




Comments

Post a Comment

Popular posts from this blog

NMAP and ZenMAP

NMAP and ZenMAP are useful tools for the scanning phase of Ethical Hacking in Kali Linux. NMAP and ZenMAP are practically the same tool, however NMAP uses command line while ZenMAP has a GUI. NMAP is a free utility tool for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. NMAP uses raw IP packets in novel ways to determine which hosts are available on the network, what services (application name and version) those hosts are offering, which operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, etc. Now, let’s go step by step and learn how to use NMAP and ZenMAP. Step 1 − To open, go to Applications → 01-Information Gathering → nmap or zenmap. Step 2 − The next step is to detect the OS type/version of the target host. Based on the help indicat...
Post a Comment
Read more

Internet Of Things -IOT

Hey there! Have you heard of IoT? Yes the most popular thing in industry. If not, it is Internet of Things. Do you use smart watches or have you heard about smart city, smart house, these are the practical application of IoT. Didn’t get it?If you just Google “what is IoT?”, you will get a technical answer: “The Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.”  Simply, The Internet of Things, or IoT, refers to the billions of physical devices around the world that are now connected to the internet, collecting and sharing data. Now you’ll ask me “Okay, but why is it so much important?”. Today majority of devices works on sensors but sensors will not live forever. In other words, cheap sensors are not going to be 100% reliable, 100% of the time. Ph...
1 comment
Read more

Kali Linux - Installation and Configuration

Kali Linux is one of the best security packages of an ethical hacker, containing a set of tools divided by the categories. It is an open source and its official webpage is https://www.kali.org. Generally, Kali Linux can be installed in a machine as an Operating System, as a virtual machine . Installing Kali Linux is a practical option as it provides more options to work and combine the tools. You can also create a live boot CD or USB. All this can be found in the following link: https://www.kali.org/downloads/ BackTrack was the old version of Kali Linux distribution. The latest release is Kali 2018.1 and it is updated very often. To install Kali Linux − First, we will download the Virtual box  or Vmware workstation and install it. Later, we will download and install Kali Linux distribution. Instead of downloading  the images file you all can download that ova file extension . The benefits of it is that you do not have to install it. What you have to do is to just ...
Post a Comment
Read more