Arsenal Recon

Arm yourself with our tools & eliminate blind spots in digital forensics! ArsenalRecon.com #DFIR

Back in the office after sponsoring & exhibiting at the @IACIS 2026 Orlando Training Conference. It was great meeting so many digital forensics practitioners in person! We brought a Neo Geo for students to play towards the end of training... next year we'll have prizes! #DFIR

@brockpierson Nightmares from so many wasted hours trying to get this thing to work like a respectable modem.

Are you this old?

We’re ready for another day at the @IACIS Orlando Training Conference, making more #DFIR practitioners aware of the powerful & unique things our tools can do for them. What’s that under our TV? ArsenalRecon.com

Traveling to the @IACIS Orlando Training Conference! Come see us Tue-Th to talk about maximum exploitation of electronic evidence that is not currently possible with other tools & published techniques. Windows swap, hibernation, & more - let's go! ArsenalRecon.com #DFIR

Emina got to the @MassAGO's National Cyber Crime Conference early yesterday to get our classroom setup. We had a mixture of motivated local, state, & federal law enforcement in our workshop "Disks are Gamblers and Virtualization is Vegas." ArsenalRecon.com #DFIR #NCCC2026

Getting class materials ready for our "Disks are Gamblers and Virtualization is Vegas" workshop tomorrow at the @MassAGO's National Cyber Crime Conference! Notice anything interesting about this laptop? ArsenalRecon.com #DFIR #NCCC2026

Congratulations to Nicholas Smith & Oleksandr Lysyi for completing the Arsenal Image Mounter online training & certification! ArsenalRecon.com #DFIR

Are you attending the @MassAGO's National Cyber Crime Conference next week? This will be a great opportunity to attend one of our in-person only workshops - Disks are Gamblers and Virtualization is Vegas. #DFIR #NCCC2026

Here’s something you don’t see every day in #DFIR - launching a virtual machine from a Linux laptop (safely booted with WinFE) connected to Arsenal Image Mounter across a network via AIM Remote Agent! ArsenalRecon.com

Another video of more Linux functionality from the latest Arsenal Image Mounter... this time, creating a forensic image from a physically-attached disk with the AIM Linux CLI. (& yes - slow laptop, slow disk, slow interface in this demonstration. 😂) ArsenalRecon.com #DFIR

Have you seen Arsenal Image Mounter's latest Linux functionality? Check out the AIM Linux Pro CLI creating a Recon Report from a disk image containing a BitLocker-protected volume and then unlocking & browsing that volume. ArsenalRecon.com #DFIR

@shanselman @Microsoft Ok, trying to reach Garrett now - thanks! We have another team at MS struggling to get this escalated internally.

@ArsenalRecon @Microsoft Absolutely! The real human is x.com/COBreck243/sta…

Hey I love dumping on my company as much as the next guy, because Microsoft does some dumb stuff, but sometimes it's just check emails and verify your accounts. Not every "WTF micro$oft" moment is a slam dunk. I've emailed VeraCrypt personally and we'll get him unblocked. I've already talked to Jason at WireGuard. Not everything is a conspiracy, sometimes it's literally paperwork.

Now that our "TechHive Scenario" Windows on Arm disk image has been used in a @ChamplainEdu CTF, we think it's time to make it public. Any thoughts on where we should host it? The disk image & associated files are approximately 90gb in size. ArsenalRecon.com #DFIR

Are you an @IACIS member attending the Orlando Training Conference? We'll be there for the first time as a company rather than as students. Come see us May 5-7 to talk about maximum exploitation of electronic evidence & try something fun at our table. #DFIR

Have you armed yourself with the latest Arsenal Image Mounter yet? See the new passkey usage information in action! As a bonus, you'll also see AIM running on Windows on Arm. ArsenalRecon.com #DFIR

Let's improve the signal-to-noise ratio in #DFIR social media! Check out Arsenal Image Mounter v3.12.344 on a Snapdragon X Elite Arm laptop launching a disk image from a Snapdragon 8cx Gen 2 laptop into a virtual machine & running @Belkasoft Triage! ArsenalRecon.com

Austrian law enforcement just sent us a great testimonial regarding how Arsenal Image Mounter & AIM Remote Agent are assisting in their cases! Have you armed yourself with our digital forensics tools? ArsenalRecon.com #DFIR

Interested in maximum exploitation of electronic evidence? Can you see why exposing both encrypted & decrypted slack & unallocated from BitLocker volumes could be useful? Keep in mind, this disk image was used for training purposes & had limited use! ArsenalRecon.com #DFIR

The use cases for connecting disks from safely-booted computers to Arsenal Image Mounter over a network are compelling. ArsenalRecon.com #DFIR