When you are a black hat hacker, you try to use any method that is at your disposal to be able to get at your target. It doesn’t matter if it is exploit code or you have physical access to the machine and you are looking at deleted files. You need to be able to get that one edge so that you are able to crack into your destination.
This is the reason why some black hat hackers will take the time to try and break into the registry files of a Windows computer. They want to see what kind of information that they can pull out of it. Some people think that just because a program is uninstalled that no one will be able to see the registry information of that program ever again. That is not true. There are ways to be able to recover registry information. In this article we will show why the good guys and bad guys do this.
What is the registry?
The registry is a part of your Windows installation that saves information for the programs that you run. When a program is installed, sometimes it needs to store information for any user of the computer to use. So no matter what profile you are signed in to, the person will be able to get that configuration information. That is what the registry excels at.
The good guys
The good guys want that information sometimes so they can find a piece of information about either the program or maybe some data that they stored. Registry files hold all different types of information so you might get lucky and find what you need in there.
The bad guys
The bad guys do the same thing but instead of looking for the information to help you, they are going to use it to harm you. The registry files hold a lot of different information and to the bad guys any little bit helps.
If you want to make sure that your computers is safe then make sure that after you uninstall any program that the registry entry for that program is completely gone.