From da2b0c6f613825fdd493e4babde0711ff710aa38 Mon Sep 17 00:00:00 2001
From: achilles4828
Date: Thu, 14 Sep 2023 10:14:46 +0530
Subject: [PATCH] Disabled Registry Check Functionality

---
 cmd/EDRHunt/main.go | 4 ++--
 pkg/edrRecon/registry.go | 32 ++++++++++++++++----------------
 2 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/cmd/EDRHunt/main.go b/cmd/EDRHunt/main.go
index 71e06c4..9fd93a0 100644
--- a/cmd/EDRHunt/main.go
+++ b/cmd/EDRHunt/main.go
@@ -18,7 +18,7 @@ var (
 registry bool
 avwmi bool
 all bool
- versionStr string = "1.4.2"
+ versionStr string = "1.4.6"
 versionCheck bool
 )

@@ -46,7 +46,7 @@ func edrCommand(cmd *cobra.Command, args []string) {
 processes = true
 drivers = true
 services = true
- registry = true
+ registry = false
 avwmi = true
 fmt.Println("Scanning processes, services, drivers, wmi, and registry...")
 }
diff --git a/pkg/edrRecon/registry.go b/pkg/edrRecon/registry.go
index 2a4d31b..25f835b 100644
--- a/pkg/edrRecon/registry.go
+++ b/pkg/edrRecon/registry.go
@@ -2,7 +2,6 @@ package edrRecon

 import (
 "context"
- "fmt"
 "os/exec"
 "strings"
 "sync"
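Review bot: The status line in the second main.go hunk still tells the user the registry is being scanned, `fmt.Println("Scanning processes, services, drivers, wmi, and registry...")`, while the line just above it now sets `registry = false`, so `--all` silently skips a check that the output claims to run. Either update the message to `fmt.Println("Scanning processes, services, drivers, and wmi...")` or leave `registry = true` and let CheckRegistry's stub return its empty result, but do not let the two disagree. A one-line comment next to the assignment, e.g. `// registry check disabled; see CheckRegistry in pkg/edrRecon/registry.go`, would also save the next reader from assuming the flag was flipped by mistake, since the commit description gives no reason. edrCommand begins before and continues after the hunk.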
@@ -68,22 +67,23 @@ func EnumRegistry(ctx context.Context) []string {
 func CheckRegistry(ctx context.Context) (resources.RegistryMetaData, error) {
 var analysis resources.RegistryMetaData = resources.RegistryMetaData{ScanMatch: make([]string, 0)}
+ return analysis, nil

- output := strings.Join(EnumRegistry(ctx), " ")
- if output != "" {
- processedOutput := strings.ToLower(output)
- for _, match := range RegistryReconList {
- if strings.Contains(
- processedOutput,
- strings.ToLower(match)) {
- analysis.ScanMatch = append(analysis.ScanMatch, match)
- }
- }
- }
+ // output := strings.Join(EnumRegistry(ctx), " ")
+ // if output != "" {
+ // processedOutput := strings.ToLower(output)
+ // for _, match := range RegistryReconList {
+ // if strings.Contains(
+ // processedOutput,
+ // strings.ToLower(match)) {
+ // analysis.ScanMatch = append(analysis.ScanMatch, match)
+ // }
+ // }
+ // }

- if len(analysis.ScanMatch) == 0 {
- return analysis, fmt.Errorf("nothing found in registry")
- }
+ // if len(analysis.ScanMatch) == 0 {
+ // return analysis, fmt.Errorf("nothing found in registry")
+ // }

- return analysis, nil
+ // return analysis, nil
 }

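Review bot: The added `return analysis, nil` makes a disabled check indistinguishable from a check that ran and matched nothing — the removed code returned `fmt.Errorf("nothing found in registry")` for an empty ScanMatch, so a caller that treated success as "registry was inspected" will now present the registry as clean when it was never read. Prefer a package-level sentinel, `var ErrRegistryCheckDisabled = errors.New("registry check disabled")`, and `return analysis, ErrRegistryCheckDisabled` so callers can `errors.Is` it and report the scan as skipped rather than clean (this needs an `errors` import in place of the removed `fmt`). The commented-out body should be deleted rather than kept, since git history already preserves it, and the stub needs a doc comment in its place, e.g. `// CheckRegistry is currently disabled; it returns an empty result without enumerating the registry.`. The `ctx` parameter is now unused, which is worth stating in that comment so readers do not look for a cancellation path that no longer exists.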