Tools

366 results - showing 31 - 40
« 1 2 3 4 5 6 ... »
Ordering
arsenal

Tools

Arsenal Recon
Targeted Function Tool
Documents
ODC Recon extracts documents and metadata from the Office Document Cache (ODC) by parsing the FSD files contained within each ODC. Individual FSD files often contain not only multiple versions of Office documents, but Office documents which are no longer available...
arsenal

Tools

Arsenal Recon
Free
Targeted Function Tool
Documents
Backstage Parser is a Python tool that can be used to parse the contents of Microsoft Office files found in the “\BackstageinAppNavCache” path.
arsenal

Tools

Arsenal Recon
Free
Targeted Function Tool
Memory
Sdba Parser is an AutoIt tool that carves and parses Sdba memory pool tags (produced by Windows 7) from any input file. Sdba memory pool tags contain executable file paths and NTFS last written timestamps (at time of execution). ...
arsenal

Tools

Arsenal Recon
Targeted Function Tool
Log Parsing/Analysis
NetWire Log Decoder is an AutoIt tool that carves and parses (a/k/a scans, filters, and decodes) NetWire log data from files or devices. NetWire versions 1.6 and 1.7, on Windows and Linux, have been tested.
arsenal

Tools

Arsenal Recon
Targeted Function Tool
The exploitation of Windows hibernation files to “look back in time” and uncover compelling evidence is crucial to digital forensics practitioners. Hibernation Recon not only supports active memory reconstruction from Windows XP, Vista, 7, 8/8.1, 10, and 11 hibernation files, but...
arsenal

Tools

Arsenal Recon
Targeted Function Tool
Registry
  • Hibernation
  • Registry
HBIN Recon identifies and parses Windows Registry hive bins (hbins) from any input. Hive bins are essentially the building blocks of Registry hives. Examples of HBIN Recon input include healthy Registry hives, fragmented hives, hive transaction logs, Transactional Registry (TxR) files,...
arsenal

Tools

Arsenal Recon
Targeted Function Tool
Registry
  • Hibernation
  • Registry
Hive Recon extracts Registry hives from Windows hibernation and crash dump files, often extracting hives when other solutions have completely failed and extracting healthier (more intact) hives when other solutions have appeared to run successfully. Hive Recon can also extract hives...
arsenal

Tools

Arsenal Recon
Free
Targeted Function Tool
Cryptography
CyberGate Keylogger Decryption Tool is a Python tool that can be used against CyberGate encrypted keylogger files to decode the cipher text and return the original plaintext that was captured by the Remote Access Trojan (RAT).
arsenal

Tools

Arsenal Recon
Free
Targeted Function Tool
Email
Gmail URL Decoder is a Python tool that can be used against plaintext or arbitrary raw data files in order to find, extract, and decode information from Gmail URLs related to both the new and legacy Gmail interfaces.
arsenal

Tools

Arsenal Recon
Targeted Function Tool
  • Image Mounting
  • Virtual Machines
  • Volume Shadow Copy/VSS
Many Windows®-based disk image mounting solutions mount the contents of disk images as shares or partitions, rather than complete (aka "physical or "real") disks, which limits their usefulness to digital forensics practitioners and others. Arsenal Image Mounter mounts the contents of...
366 results - showing 31 - 40
« 1 2 3 4 5 6 ... »