REGISTRY RECON

Registry Recon

 

 

Harness huge volumes of Registry information to see how Registries changed over time

Registry forensics has long been relegated to analyzing only readily accessible Windows® Registries, often one at a time, in a needlessly time-consuming and archaic way. Registry Recon is not just another Registry parser. Arsenal developed powerful new methods to parse Registry data so that Registries which have existed on a Windows system over time can be rebuilt, providing unique insight into how Registry data has changed over time. Registry Recon provides access to an enormous volume of Registry data which has been effectively deleted, whether that deletion occurred due to benign system activity, malfeasance by a user, or even re-imaging by IT personnel.

 

Registry Recon Features

 

Unlock the potential of huge volumes of Windows Registry data and see how Registries changed over time.

 

Reveal

 

  • Application usage
  • Recently accessed files
  • Removable storage activity
  • Network connections
  • Malware remnants
  • Usernames and Passwords

Features

 

  • Efficient harvesting of Registry data from entire disk images
  • Resurrection of Registries long since forgotten
  • Access to enormous amounts of deleted Registry data
  • Unique keys and values shown by default in historical fashion
  • Seamless access to all instances of keys and values
  • Windows restore point and Volume Shadow Copy support
  • Ability to view keys (and their values) at particular points in time
  • Automatic decoding of particularly interesting Registry keys

Related Posts

SuperWiper Desktop 12 NVMe ports PCIE4.0 Multiple NVMe SSD Data Erase Unit

April 8, 2024

SuperWiper 8” T4 SAS/SATA and USB3.2 Portable Data Erase Unit – Erase 13 Storage Devices

April 8, 2024

SuperWiper 8″ 4 SAS/SATA and 8 USB3.2 Ports Portable Economic Eraser Unit – Erase 12 Storage Devices

April 8, 2024