Arsenal Image Mounter

Arsenal

Image Mounter

Reliable. Powerful. Trusted.

Easily Launch Virtual Machines from Disk Images

And much, much more...

Many Windows®-based disk image mounting solutions mount the contents of disk images as shares or partitions, rather than complete (aka "physical or "real") disks, which limits their usefulness to digital forensics practitioners and others. Arsenal Image Mounter mounts the contents of disk images as complete disks in Windows, allowing users to benefit from disk-specific features like integration with Disk Manager, launching virtual machines (and then bypassing Windows authentication and DPAPI), managing BitLocker-protected volumes, mounting Volume Shadow Copies, and more.

See Arsenal Image Mounter In Action

Become more familiar with AIM's powerful functionality by watching our demonstrations.

Demonstrating launch of BitLockered Windows Storage Space into a virtual machine with DPAPI bypass
Demonstrating Windows authentication and DPAPI bypasses against BelkaCTF Party Girl
Watch More

Arsenal Image Mounter Features

Arsenal Image Mounter includes both free (Free Mode) and paid (Professional Mode) features.

Features Available in Free Mode

  • Mount raw, forensic, and virtual machine disk images as complete (aka "real) disks on Windows

  • Temporary write support with replayable delta files for all supported disk image formats

  • Save "physically" mounted objects to various disk image formats

  • Virtually mount optical images

  • RAM disk creation with either static or dynamic memory allocation

  • Command-line interface (CLI) executables

  • MBR injection, fake disk signatures, removable disk emulation, and much more

  • Identify (with details), unlock, fully decrypt, and disable/suspend BitLocker-protected volumes

Features Available in Professional Mode

  • Effortlessly launch virtual machines from disk images

  • Extremely powerful Windows authentication and DPAPI bypasses within virtual machines

  • Volume Shadow Copy mounting (standard, with Windows NTFS driver bypass, or as complete disks)

  • Launch virtual machines directly from Volume Shadow Copies

  • Windows file system driver bypass (FAT, NTFS, ExFAT, HFS+, Ext2/3/4, etc.)

  • Exposure of NTFS metadata, slack, and unallocated in Windows file system driver bypass mode

  • Virtually mount archives and directories

  • Save disk images with fully-decrypted BitLocker volumes

  • Attach to actual physical disks (fixed and removable) to leverage virtual machine launching, VSC mounting, etc.

Latest Features
FAQs

Our Testimonials Are Compelling!

Worked Flawlessly

"Arsenal Image Mounter’s ability to mount a disk image and launch it into a VM has worked flawlessly since our department purchased the software over the past year. Being able to interact with a subject’s Windows environment as the user would have has helped our non-technical investigation teams gain a better understanding of a subject’s lifestyle, interests, and technical ability. In one such case, with appropriate legal approval, we used AIM to mount an image, launch a VM, expose it to the Internet, and connect to a service with the subject’s previously logged-in and authenticated application in order to secure and obtain over 1TB of CSAE material. Mark and his team have always been very responsive to any queries or technical issues faced along the way."

Dan
Law Enforcement (UK)

Significantly Enhanced My Ability

"The advanced features provided by Arsenal Image Mounter have significantly enhanced my ability to retrieve usernames and passwords stored by web browsers... and with remarkable speed. The new PIN brute force that works with Hello PINs means I no longer have to spend time manually extracting and cracking to get access to secrets, and within seconds I can be logged into a virtual machine with DPAPI-protected data fully unlocked. AIM’s latest functionality helps us access additional exhibits sooner, for example by using recovered PINs and other secrets against locked mobile phones."


Law Enforcement (UK)

More Testimonials

Unleash Arsenal Image Mounter Pro

Buy an Arsenal license and choose a subscription length (see the increasing discounts!) that works best for you. Want to try AIM first? Download AIM now and use its free functionality, or email sales to evaluate Professional Mode.

1 Year Plan
$756
~ $63/mo | Save 3%

    • Email Support

    • Renew Annually

    • Locked-in Discount

Buy Now

3 Year Plan

$2,129

~ $59/mo | Save 9%

5 Year Plan

$3,315

~ $55/mo | Save 15%

View Pricing & Plan Details
Prices shown in USD and without tax.