Registry Recon

Registry Recon

Harness huge volumes of Registry information to see how Registries changed over time

Registry forensics has long been relegated to analyzing only readily accessible Windows® Registries, often one at a time, in a needlessly time-consuming and archaic way. Registry Recon is not just another Registry parser. Arsenal developed powerful new methods to parse Registry data so that Registries which have existed on a Windows system over time can be rebuilt, providing unique insight into how Registry data has changed over time. Registry Recon provides access to an enormous volume of Registry data which has been effectively deleted, whether that deletion occurred due to benign system activity, malfeasance by a user, or even re-imaging by IT personnel.

See Registry Recon In Action

Make no mistake about it - if you use Registry Recon, you have a significant advantage over those that do not.

Registry Recon Features

Unlock the potential of huge volumes of Windows Registry data and see how Registries changed over time.

Reveal

  • Application usage

  • Recently accessed files

  • Removable storage activity

  • Network connections

  • Malware remnants

  • Usernames and Passwords

Features

  • Efficient harvesting of Registry data from entire disk images

  • Resurrection of Registries long since forgotten

  • Access to enormous amounts of deleted Registry data

  • Unique keys and values shown by default in historical fashion

  • Seamless access to all instances of keys and values

  • Windows restore point and Volume Shadow Copy support

  • Ability to view keys (and their values) at particular points in time

  • Automatic decoding of particularly interesting Registry keys

Registry Recon FAQs

Our testimonials are compelling!

Recovers Valuable Information

"Registry Recon helps cut through tedious work and recovers valuable information that is not available without burning enormous amounts of time."

Dennis O'Connor
Senior Investigator, U.S. Department of Labor

Astounding Volume Of Registry Data

"The sheer volume of Registry data that Registry Recon finds, and the methods used to visualize it, are astounding. We were able to analyze a newly complete Registry from a previous installation of Windows that was over two years old."

Ryan Maxwell
Director, Forensic West, DTI

More Testimonials

Unleash Registry Recon

Buy an Arsenal license and choose a subscription length (see the increasing discounts!) that works best for you. Want to try Registry Recon first? No problem. Email sales to start your evaluation.

1 Year Plan
$756
~ $63/mo | Save 3%

    • Email Support

    • Purchase Annually

    • Locked-in Discount

Buy Now

3 Year Plan

$2,129

~ $59/mo | Save 9%

5 Year Plan

$3,315

~ $55/mo | Save 15%

View Pricing & Plan Details
Prices shown in USD and without tax.