Tuesday, May 17, 2022

Running Once, Running Twice, Pwned! Windows Registry Run Keys – more detail than you ever knew you needed to know – like a * prefix causes it to run in safe mode or ! causes it to be deleted after running…

By Dray Agha

The Windows registry is a vast and complex topic and cannot be understood and defended in one article. One particular area of interest from a security perspective is registry run keys. In this article, we discuss who uses run keys, how to uncover abuse, and how to eradicate evil from them.

An Introduction to Run Keys

What are registry run keys? Run keys are an obscure registry mechanism for executing something on a Windows system when a user logs in or the machine boots up.
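To see what is currently registered on a host, the following added example (not code from the original article) lists every value under the per-machine and per-user Run and RunOnce keys and decodes the `*` and `!` name prefixes mentioned in the title. The function name `Get-RunKeyEntry` and the variable `$RunKeyPaths` are made up for this example, and the four paths are an assumption about which run-key locations to review; the prefixes are decoded only for RunOnce values, which is where Microsoft documents them.

```powershell
# Added example: inventory Run/RunOnce values for review.
# $RunKeyPaths and Get-RunKeyEntry are hypothetical names used only here.
$RunKeyPaths = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-RunKeyEntry {
    param([string[]]$Path = $RunKeyPaths)

    # Read the raw data so %VARIABLES% in a command line stay visible.
    $raw = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames

    foreach ($p in $Path) {
        $key = Get-Item -LiteralPath $p -ErrorAction SilentlyContinue
        if ($null -eq $key) { continue }    # key does not exist on this host

        foreach ($name in $key.GetValueNames()) {
            $note = ''
            # The name prefixes are documented for RunOnce values.
            if ($p -match '\\RunOnce$' -and $name.Length -gt 0) {
                switch ($name.Substring(0, 1)) {
                    '*' { $note = 'runs even in Safe Mode' }
                    '!' { $note = 'deleted only after the command has run' }
                }
            }
            [pscustomobject]@{
                Key     = $p
                Name    = if ($name) { $name } else { '(Default)' }
                Command = $key.GetValue($name, $null, $raw)
                Prefix  = $note
            }
        }
    }
}

# One record per registered value; review the Command column for
# unexpected binaries, script hosts, or user-writable paths.
Get-RunKeyEntry | Format-List
```

Run it once from an elevated session for the HKLM entries and once in the context of each user whose HKCU hive you want to review, since HKCU resolves to the hive of the account running the script.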

