Skip to content
Threat Feed

Tag

Registry-Dump

1 brief RSS
high advisory

Credential Acquisition via Registry Hive Dumping

Detects attempts to export sensitive Windows registry hives (SAM/SECURITY) using reg.exe, potentially leading to credential compromise.

Elastic Endgame +6 credential-access registry-dump windows
2r 1t