Testimonials

“I just wanted to pass along how pleased I am with your products, one of them in particular. For the last few years we kept renewing licenses for another vendor’s tool primarily for the purpose of booting virtual machines from suspect computers. When Windows 10 came out this process became much more complicated, if it even worked at all. Well with Arsenal Image Mounter and a YouTube video from 13Cubed, the process became so easy. We use this process to film the suspect’s computer using a screen video capturing software, as if we were sitting behind their keyboard, and our prosecutors love it. Jurors can now see where the incriminating evidence is in its natural environment instead of having to understand what a file path is. In terms of password bypassing, in a recent case with Windows 10 we tried everything we had to try and break the password/passcode so we could login to the virtual machine. We used both commercial and open source tools with no luck. Arsenal Image Mounter was the only tool that allowed us to bypass the password and it was unbelievable how easy it was.”

David Causey

Detective, St. John's County Sheriff's Office in Florida

When it comes to mounting disk images (among other things), it is hard to beat Arsenal Image Mounter. It is stable, fast, and it just works. Should you run into an issue, Mark and his team are always willing to hear about it and they feel worse than you will about any issues found. Arsenal is quick to update and pursue new options (often at great expense to themselves in terms of R&D) that just do not exist anywhere else. Beyond the free version however, AIM provides advanced features such as booting forensic images into virtual machines, password bypasses (even online based accounts! Magic!) and more! In an age where vendors want to produce less and less while charging more and more, Arsenal is a breath of fresh air, because they do just the opposite! They keep making the product better!

Eric Zimmerman

After many unsuccessful attempts to launch forensic images into virtual machines with a popular digital forensics tool, I decided to give Arsenal Image Mounter a try.  I’m very glad I did, because I was able to virtualize forensic images from multiple suspects. AIM also bypassed Microsoft cloud account passwords within the virtual machines, so I was able to take valuable screenshots for the US Attorney. In addition, I have found AIM’s multiple methods of Volume Shadow Copy exporting to be useful.

ICE/Homeland Security Investigation

Registry Recon helps cut through tedious work and recovers valuable information that is not available without burning enormous amounts of time.”

Dennis O’Connor

Senior Investigator, U.S. Department of Labor

Hibernation Recon allowed us to determine that remnants of a Skype chat involving child pornography existed in hiberfil.sys slack space (related to a previous hibernation) and to correct the date and time related to those remnants provided by another tool. Within the recovered chat the sender discussed not only possessing illegal material, but having over 70GB more to send, which was important to obtaining a search warrant.”

Torben Strand

Special Consultant, MSc, Danish National Police Cyber Crime Center (NC3)

“With other tools, each Registry file has to be analyzed separately in a very time-consuming fashion. With Registry Recon, large numbers of Registry files from both allocated and unallocated space are merged into Recon Registries. I am now able to see how the Registry has changed over the life of both currently and previously installed operating systems.”

Stephen Swanson

President, Computer Forensic Services, LLC

“The sheer volume of Registry data that Registry Recon finds, and the methods used to visualize it, are astounding. We were able to analyze a nearly complete Registry from a previous installation of Windows that was over two years old.”

Ryan Maxwell

Director, Forensic West, DTI

“Typically my experiences with new digital forensic tools don’t turn out well. Registry Recon is the exception to this rule. I was quickly able to determine that a system I was analyzing had been compromised a full 6 months earlier than anyone realized, based on information Registry Recon recovered from unallocated space. It’s safe to say that Registry Recon has become part of my analysis toolkit.”

Bill Spernow

Chief Forensic Advisor, Law & Forensics, Inc. and former Forensics and Incident Response Research Director with the Gartner Group, Inc.

As a former Linux developer, I miss many things under Windows. One of them is the flexible handling of loop devices and disk dumps. Arsenal Image Mounter ports this power to the Microsoft world. You know that “X:” is a virtual thumb drive residing in RAM, but Windows won’t. And that’s only one of the many possibilities with AIM.

Peter Schneider

Software Development Engineer, Cascade Microtech

“The cost of Registry Recon is justified by the Recon Reports alone. The pre-built USB Storage Devices report, for example, gives you historical information that no other computer forensics tool can.”

Alex Gessen

Computer Forensics Investigator, eMag Solutions

“I am thoroughly impressed with Registry Recon’s capabilities. Working in law enforcement, I can see how valuable it is to know how a suspect’s computer interacted with particular networks, documents, and storage devices over time.”

Sean Maloney

Trooper, Massachusetts State Police

Hibernation Recon has become DoD’s must-have tool for extracting digital artifacts from Windows hibernation files. Not only does Hibernation Recon properly reconstruct active memory for all versions of Windows when other tools fail, it is the only tool that extracts various types of “slack space”, which has yielded critical forensic artifacts for DoD’s foreign intelligence mission that could not have been obtained any other way.

United States Department of Defense

“I will tell you that (Registry Recon) did an amazing job, even after (Windows) re-install and slight use I was able to recover over a year’s worth of USB device connections… I managed to recover almost all the Registry activity I needed from a re-installed system to prove some findings thanks to Registry Recon.”

David Cowen

Hacking Exposed Computer Forensics Blog

Hibernation Recon gives us the ability to quickly and accurately recover data from hibernation files missed by other tools. Output is very descriptive and helps us better understand the recovered data. Hibernation Reconwill be finding a permanent place in our workflow.”

Peter Kohler, Esq.

Digital Forensics and eDiscovery at Evidox Corporation

22 Willow Street Chelsea, MA 02150

sales@ArsenalRecon.com

(617) ARSENAL

or (617) 277-3625

Site Map

\

Home

\

Products

\

Pricing

\

Training

\

Testimonials

\

Insights

\

Contact

\

FAQ

Legal

\

Privacy Policy

\

Terms & Conditions

\

Cookie Policy

Follow Us

LinkedIn

Twitter

Facebook