What it does
Obtains credentials, secrets and other information from the live registry.
First, the script tries to access the registry on-the-fly. This is only possible if the script manages to get SYSTEM access. If this method fails, it uses SE_BACKUP as admin to dump the registry hives to files, then uses the offline registry parser to obtain the secrets.
Requires administrative privileges, OR a user account that has SE_DEBUG enabled, OR a user that has SE_BACKUP privileges enabled.
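A defensive check for the privilege prerequisites above, as an added example that is not part of pypykatz: it parses `whoami /priv` output and reports whether the token holds SE_DEBUG or SE_BACKUP. The sample output is constructed, the function names are hypothetical, and administrator group membership is not checked here.

```python
import re

# Windows names for the SE_DEBUG and SE_BACKUP privileges named above.
WATCHED = ("SeBackupPrivilege", "SeDebugPrivilege")

# One table row of `whoami /priv`: name, description, state.
ROW = re.compile(r"^(Se\w+Privilege)\s+.+?\s+(Enabled|Disabled)$")

# Constructed sample output, not captured from a real host.
SAMPLE = """\
PRIVILEGES INFORMATION
----------------------

Privilege Name                Description                    State
============================= ============================== ========
SeShutdownPrivilege           Shut down the system           Disabled
SeBackupPrivilege             Back up files and directories  Disabled
SeChangeNotifyPrivilege       Bypass traverse checking       Enabled
SeDebugPrivilege              Debug programs                 Enabled
"""


def parse_privileges(text):
    """Return {privilege name: state} for every row in the table."""
    privs = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            privs[m.group(1)] = m.group(2)
    return privs


def audit(text):
    """Return sorted (privilege, state) pairs for watched privileges.

    A privilege shown as Disabled is still held by the token and can be
    enabled by the process that owns it, so it is reported as well.
    """
    privs = parse_privileges(text)
    return sorted((name, privs[name]) for name in WATCHED if name in privs)


if __name__ == "__main__":
    for name, state in audit(SAMPLE):
        print(f"{name}: present ({state})")
```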
--json: Switches the output to JSON format, both in STDOUT and in FILE output modes
-o: Write results to file, instead of printing it to STDOUT
pypykatz live registry: Prints all credentials to STDOUT
pypykatz live registry --json: Prints all credentials to STDOUT in JSON format
pypykatz live registry -o <output_file>: Writes all credentials to <output_file>
pypykatz live registry -o <output_file> --json: Writes all credentials to <output_file> in JSON format.