Showing 469–480 of 840 results
-
AC Adapter for Aegis Padlock Desktop Drives
AC Adapter for Aegis Padlock Desktop Drives Desktop Drive AC Adapter / Power Cable for Aegis Padlock Desktop (DT) Drives.
Product Type -
AC Adapter for Aegis Padlock Desktop Drives for UK and EU
AC Adapter for Aegis Padlock Desktop Drives for UK and EU Apricorn replacement AC Adapter for the Padlock DT series in UK / EU. Provides the right AC power to your Padlock DT or DT FIPS for wherever you travel. Includes three interchangeable AC modules for USA, UK and EU
Product Type -
Protective Sleeve Aegis Secure Key 3NX/3Z
Protective Sleeve Aegis Secure Key 3NX/3Z Flexible Silicone Replacement Sleeve For Aegis Secure Key 3NX/3NXC and Aegis Secure Key 3z only Not compatible with Aegis Secure Key 3.0 One Piece; 0.5″ x 0.875 x 2.875″
Product Type -
HBIN Recon
HBIN Recon HBIN Recon identifies and parses Windows Registry hive bins (hbins) from any input. Hive bins are essentially the building blocks of Registry hives. Examples of HBIN Recon input include healthy Registry hives, fragmented hives, hive transaction logs, Transactional Registry (TxR) files, compressed hive bins which can be found in swap files and […]
-
Hive Recon
Hive Recon Hive Recon extracts Registry hives from Windows hibernation and crash dump files, often extracting hives when other solutions have completely failed and extracting healthier (more intact) hives when other solutions have appeared to run successfully. Hive Recon can also extract hives from memory captures, provided they have already been converted to crash […]
-
ODC Recon
ODC Recon ODC Recon extracts documents and metadata from the Office Document Cache (ODC) by parsing the FSD files contained within each ODC. Individual FSD files often contain not only multiple versions of Office documents, but Office documents which are no longer available elsewhere. ODC Recon was built when Arsenal found no reliable methods […]
-
LevelDB Recon
LevelDB Recon LevelDB Recon parses LevelDB files (ldb, log, and sst extensions) more comprehensively and reliably than other tools we have evaluated. In other words, LevelDB Recon has been designed for maximum exploitation of LevelDB files – ultimately revealing records missed by other methods. LevelDB Recon includes logic to help make sense of the […]
-
Backstage Parser
Backstage Parser Arsenal’s Backstage Parser is a Python tool that can be used to parse the contents of Microsoft Office files found in the “\Users(User)\AppData\Local\Microsoft\Office\16.0\BackstageinAppNavCache” path. David Cowen from C-G Partners blogged in October 2018 (http://www.learndfir.com/2018/10/18/daily-blog-510-office-2016-backstage-artifacts/) about interesting information left behind by the use of Microsoft Office’s “Backstage” view. Arsenal’s Brian Gerdon found the Backstage […]
-
Cybergate Log Decrypt
CyberGate Keylogger Decryption Tool Arsenal’s CyberGate Keylogger Decryption Tool is a python tool that can be used against CyberGate encrypted keylogger files (either whole or in part, provided that the individual record is intact) to decode the cipher text and return the original plaintext that was captured by the RAT. Fragmented entries from the file […]
-
Gmail URL Decoder
Gmail URL Decoder Gmail URL Decoder is an Open Source Python tool that can be used against plaintext or arbitrary raw data files in order to find, extract, and decode information from Gmail URLs related to both the new and legacy Gmail interfaces. Usage Run with python3 (properly tested on 3.6.7 version): usage: GmailURLDecoder.py [-h] […]
-
NetWire Log Decoder
Intro Arsenal’s NetWire Log Decoder carves and parses (a/k/a scans, filters, and decodes) NetWire log data from files or devices. NetWire is a popular multi-platform remote access trojan (RAT) system. NetWire has surveillance functionality which stores keystrokes and other information from victims in log files known as “NetWire logs.” Arsenal has found valuable NetWire log […]
-
Sdba Parser
Intro Arsenal’s Sdba Parser carves and parses (hereafter, parses) Sdba memory pool tags (produced by Windows 7) from any input file. Sdba memory pool tags are related to Windows Application Compatibility Database functionality and seem to be generated each time a new executable (based on analysis of MFT record and sequence numbers) is run. Most […]