BitRocker – Bitlocker Recovery Key Identifier




This utility will allow you to pull the recovery key identifiers from a bitlocker encrypted volume.

It works against live disks, e01s, raw disks, vhds, vmdks and others.

To use it you run Bitrocker -s <name of image>


With the recovery key identification you could then:

  1. Validate a key is meant for a volume for decryption
  2. Search an active directory database for the correct recovery key
  3. Carve free space looking for deleted recovery keys