We have released the RegHive Format package for all licenses of Cerbero Suite.
This package offers enhanced functionality for exploring Windows Registry hives. It enables detailed inspection of keys and values, and importantly, provides additional insights by displaying the last modification date and time for each key. Moreover, it includes the ability to view security access details for each key, offering a comprehensive overview of the Registry’s structure and access controls.
The RegHive Format package is exposed to the SDK:
from Pro.Core import *
from Pkg.RegHive import *
def parseRegHive(fname):
c = createContainerFromFile(fname)
if c.isNull():
return
obj = RegHiveObject()
if not obj.Load(c) or not obj.Parse():
return
key = obj.GetRegKey()
print(key.Name())
for subkey in key.IterateSubKeys():
print(" ", subkey.Name())
for v in subkey.IterateValues():
print(" ", v.name, v.value_type, v.value)