Tour of the Sysinternals Tools
1. Introducion & Licensing
Free for personal and corporate use
License required for redistribution
2. Process & Thread Tools
| Prcess Explorer | "Super Task Manager" |
PsTools:
| PsList | list processes | pslist, pslist /s, pslist /t |
| PsKill | kill processes | |
| PsSuspend | suspend processes | |
| PsExec | execute a command | psexec \\remote cmd |
| PsService | control services | |
| PsInfo | display system information psinfo | |
| PsLogList | process event logs | |
| PsLoggedOn | who is logged on |
3. System Information Tools
| BgInfo | create useful system information backgrounds |
| ProcFeatures | processor hardware features |
| LoadOrder | show load order of drivers and services |
| PendMoves | list pending file operations |
| Portmon | serial port monitor |
Developer tools
| DebugView | view debug messages |
| Winobj | view object manager namespace |
| LiveKd | live kernel debugger |
4. File & Disk Tools
| Filemon | monitors file system I/O |
| Diskmon | monitor disk I/O |
| Diskview | view disk sector usage |
| Du | display disk usage |
| Contig | file level defragmenter |
| PageDefrag | system file defragmenter |
Other file system tools
| Junction | manipulate symbolic links |
| Sync flush | cached disk data |
| Streams | show alternate NTFS stream |
5. Registry Tools
| Regmon | registry monitor | |
| Regjump | jump to any registry location | regjump hklm\system\currentcontrolset |
6. Security Tools
Malware tools
| Autoruns | list autostart programs |
| Sigcheck | check digital signatures |
| RootketRevealer | look for hidden files/registry keys |
Permissions tools
| AccessEnum | list access rights to files and registry keys |
| ShareEnum | list share permissions and rights |
Other security tools
| SDelete | secure file delete |
| NewSID | generate security IDs(for disk cloning) |
7. Networking Tools
TCP/IP tools
| TCPView | view TCP and UDP endpoints |
| Whois | list internet registration ownership |
| AdRestore | undelete AD objects |
浙公网安备 33010602011771号