Title
#core
defensivedepth

defensivedepth

06/21/2022, 1:49 PM
Has anyone tried parsing Windows sdb files with osquery? For example,
windir%\security\database\secedit.sdb
, which stores local policy configuration (password complexity requirements, etc) Unfortunately its contents are binary encoded, so its not as simple as using augeas (unless I am missing something)
s

seph

06/21/2022, 4:34 PM
Is this data what
secedit /export
dumps? (launcher has a wrapper over that)
defensivedepth

defensivedepth

06/21/2022, 4:38 PM
Yes exactly
5:18 PM
Can you remind me - are those tables licensed FOSS?