DFIR-Purim
DFIR-Purim
Thank you for the very quick response! I tried using KeyPath: ROOT\* and got no results
cmdline is **.\RECmd.exe -f .\SOFTWARE --nl --bn .\BatchExamples\Test.reb --csv .** Used KeyPath: * Got: 
Putting a single star in single quotes only gave me details about the root path itself without detailing the keys it holds, unlike what I get when using "--kn ROOT\\*"...
The reason I'm doing this, is that I want to dump the keys under ROOT to CSV, and it's impossible with --kn unfortunately. I have a case in which a...
Is there a way to export the keys under "ROOT\\*" (not recursively) to CSV?
@AndrewRathbun we appreciate all your amazing work! Unfortunately the person with whom you communicated is no longer a DFIR analyst. If our team ever gets to use the new feature...