..
    generated, remove this comment to keep this file

``regf``
========

.. code-block:: console

    $ target-query <path/to/target> -f regf


.. list-table:: Details
    :widths: 20 80

    * - Module
      - ``os.windows.regf.regf.RegfPlugin``
    * - Output
      - ``records``

**Module documentation**

Regf dump plugin.

**Function documentation**

Return all registry keys and values.

The Windows Registry is a hierarchical database that stores low-level settings for the Windows operating system
and for applications that opt to use it.

References:
    - https://en.wikipedia.org/wiki/Windows_Registry

Yields RegistryKeyRecords and RegistryValueRecords

RegistryKeyRecord fields:
    hostname (string): The target hostname.
    domain (string): The target domain.
    ts (datetime): The registry key last modified time.
    path (string): The key path.
    key (string): The key name.
    source (string): The hive file path.

RegistryValueRecord fields:
    hostname (string): The target hostname.
    domain (string): The target domain.
    ts (datetime): The registry key last modified time.
    path (string): The key path.
    key (string): The key name.
    name (string): The value name.
    value (string): The value.
    source (string): The hive file path.