Sysinternals
Description

INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your understanding.
Tools
| Tool | Description |
|---|---|
| accesschk.exe | |
| AccessEnum.exe | |
| ADExplorer.exe | |
| ADInsight.exe | |
| adrestore.exe | |
| Autologon.exe | |
| autorunsc.exe | CLI version of autoruns |
| autoruns.exe | GUI that shows programs configured to autostart during boot |
| Bginfo.exe | |
| Cacheset.exe | |
| Clockres.exe | |
| Contig.exe | |
| Coreinfo.exe | |
| ctrl2cap.exe | |
| Dbgview.exe | |
| Desktops.exe | |
| disk2vhd.exe | |
| diskext.exe | |
| Diskmon.exe | |
| DiskView.exe | |
| du.exe | |
| efsdump.exe | |
| FindLinks.exe | |
| handle.exe | |
| hex2dec.exe | |
| junction.exe | |
| ldmdump.exe | |
| Listdlls.exe | Reports the DLLs loaded into processes |
| livekd.exe | |
| LoadOrd.exe | |
| logonsessions.exe | |
| movefile.exe | |
| ntfsinfo.exe | |
| pagedfrg.exe | |
| pendmoves.exe | |
| pipelist.exe | |
| portmon.exe | |
| procdump.exe | |
| procexp.exe | List running processes and show information about handles and DLLs used and loaded by processes |
| Procmon.exe | Monitoring tool for Windows that shows real-time file system, Registry and process/thread activity |
| PsExec.exe | Remotely execute commands |
| psfile.exe | Remotely display open files |
| PsGetsid.exe | Display a computer or a user SID |
| PsInfo.exe | Show information about a system |
| pskill.exe | Stop processes by name or ID |
| pslist.exe | Show details about processes |
| PsLoggedon.exe | Show users logged on locally and via resource shares |
| psloglist.exe | List and remove event log entries |
| pspasswd.exe | Change passwords |
| psping.exe | |
| PsService.exe | Display and manage services |
| psshutdown.exe | Stop and restart a computer |
| pssuspend.exe | Stop processes |
| RAMMap.exe | |
| RegDelNull.exe | |
| regjump.exe | |
| RootkitRevealer.exe | |
| ru.exe | |
| sdelete.exe | |
| ShareEnum.exe | |
| ShellRunas.exe | |
| sigcheck.exe | |
| streams.exe | View and delete Alternate Data Streams (ADS) |
| strings.exe | |
| sync.exe | |
| Sysmon.exe | |
| Tcpvcon.exe | |
| Tcpview.exe | |
| vmmap.exe | |
| Volumeid.exe | |
| whois.exe | |
| Winobj.exe | 32-bit Windows NT program that uses the native Windows NT API (provided by NTDLL.DLL) to access and display information on the NT Object Manager's name space |
| ZoomIt.exe | |
Keywords: sysinternals windows malware