Get Registry Hives and Keys Remotely

Talking with a buddy of mine, the conversation about retrieving Registry Hives and Keys remotely came up. He initially was looking for something he could use and eventually sided with an open-source program on the web. I, myself, tested said program as well and it for the most part did what it said it would. In the end though, that is just another product I could be adding to someone’s network. With that said, I took to PowerShell! Which I ended up using reg.exe wrapped in PowerShell to export to Hives and Keys. I now needed something as the workhorse to execute this remotely and that’s where WMI came in. I used it to start a process-call against a supplied list of systems and once complete, Get-ChildItem is used to pull the .reg file back to my system. The code can be found HERE.