registry-dump can now optionally receive a start and end date to filter subkeys. Filtering on a 15MB system hive takes less than 10 seconds. This was achieved by not fetching the subkey values when iterating.
providing the -d flag to registry-dump will not fetch values (but will still fetch the values count).
plugin fixes
ntuser persistence values are not trimmed anymore
general fixes
default value trim length is now 256 instead of 128
Command line utils improvements:
registry-dump
can now optionally receive a start and end date to filter subkeys. Filtering on a 15MB system hive takes less than 10 seconds. This was achieved by not fetching the subkey values when iterating.-d
flag toregistry-dump
will not fetch values (but will still fetch the values count).plugin fixes
general fixes