When the United States Army asked us if Arsenal Image Mounter’s Windows authentication bypass could be extended to handle domain accounts protected by smart cards, we were not sure it would be possible… but we knew if it could be done, it would be our team to do it.
I am announcing today, thanks to some gentle nudging from my team, that Arsenal is dramatically expanding our educational program. We are now providing free subscriptions each semester not only to professors at colleges and universities, but to students as well.
Digital forensics practitioners may not be aware of the nuances of what happens when introducing various BitLocker activities into the mix of hibernation and in-file TRIM.
Once you think through the implications of what can be done not only with multiple document versions extracted from FSD files as ODC Recon has always done, but what can be done with the granular revision information that can be found within FSD files and temporary collaboration data, you should be having a “lean back in the chair” moment.
The workflow for launching virtual machines has been significantly improved in Arsenal Image Mounter v3.1.101! You will now see a single dialog box (rather than a series of prompts) which consolidates important options related to launching virtual machines.
So, if you need to access EFS-encrypted files, you do not have the user’s Windows password, and you may even be dealing with an “IT gone rogue” (i.e. you cannot rely on help from IT – e.g. one or more may be suspects!) scenario, what are your options?
Join our mailing list to arm yourself with updates about Arsenal tools, training, and research. Our mailing list is double opt-in so you will need to check your email and confirm your subscription before receiving our mailings.
or (617) 277-3625
Terms & Conditions