Query Registry

Description

Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software.

Products, Sensors, and Dependencies

Product	Dependencies	Data source	Access required	Protocol	Data Collected	Notes

References

Windows Services Registry ACL

Microsoft Windows SMB Registry : Autologon Enabled

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Discovery

Technique: Query Registry

Products Required: Tenable Vulnerability Management