ZoomIt v10.0, Sysmon 1.5 for Linux, Sigcheck v2.91, RAMMap v1.62, and RDCMan v3.12
At this point I should perhaps take a step back and summarize what has happened. The posts were at times rather fine-grained, even though I only noted the most important things. In fact, this was an extensive analysis using #winmerge #notepad++ #regedit #gpu-z #hwinfo #Sandboxie #sysinternals #DependencyWalker, #archiveorg with the help of #ChatGPT and #perplexity. Unfortunately, the two also talk rubbish and you have to look closely, but without them this would hardly have been feasible.
#Windows integrates #Sysmon natively | Security https://www.heise.de/news/Sysmon-wird-Windows-Bestandteil-11084871.html #Windows11 #WindowsServer2025 #Sysinternals #SysinternalsSuite
The #Sysinternals System Monitor is to be integrated into Windows 11. https://techcommunity.microsoft.com/blog/windows-itpro-blog/native-sysmon-functionality-coming-to-windows/4468112
Maybe that is the reason #Windows7 is now falling by the wayside - a pity.
Back to #KabyLake: I discussed this with #perplexityai and #ChatGpt. With the former you unfortunately hit the limits quickly and then go round in circles. With ChatGpt (base model) you can get surprisingly deep into the problem, but by no means everything the thing says is correct. You have to pay attention!
https://winbuzzer.com/2025/11/18/microsoft-integrates-system-monitor-sysmon-into-windows-11-xcxwbn
Microsoft Integrates System Monitor (Sysmon) into Windows 11
#Windows11 #Sysmon #CyberSecurity #InfoSec #Microsoft #WindowsServer #Sysinternals #BlueTeam #ThreatHunting #EdgeAI #WindowsUpdate
ZoomIt v9.10, ProcDump 3.5 for Linux, and jcd 1.0.1 | Sysinternals
quicktipp #103: inspecting the permissions of a named pipe on Windows with sysinternals `accesschk.exe`.
https://learn.microsoft.com/en-us/sysinternals/downloads/accesschk
#windows #sysinternals #namedpipe #winio #docker #microsoft #acl #sddl #powershell
🖥️ “Big Brother is Watching!” by Bartek Bielawski taught how to troubleshoot client machines remotely using #PowerShell without disrupting users:
🧰 #Sysinternals (Handle, Procmon, RAMMap)
📡 #pktmon > netsh
🧪 Smart prep = zero friction
🎟️ psconf.eu
#RemoteSupport #PSConfEU
Oh, finally!
I find it *hella* annoying that #Windows is smart enough to tell me that there's a running program that is keeping me from ejecting a USB disk. ...WITHOUT telling me which bloody program it is.
So apparently, the trick is to use #Sysinternals Process Explorer and use the Find Handle feature.
And the answer is... #Dropbox? Fucking *Dropbox*? I *specifically* told Dropbox to not touch drives. Why would it even be doing that??? What's *wrong* with cloud storage service developers? I swear none of the apps work logically and all of them are janky as f
A Linux version of the Procmon Sysinternals tool
https://github.com/microsoft/ProcMon-for-Linux
#HackerNews #Linux #Procmon #Sysinternals #Tool #Microsoft #GitHub
Identify Which Process Is Blocking a File in Windows | by Orin Thomas.
Linus Torvalds and Bill Gates Meet for the First Time
In a surprising turn of events, Microsoft co-founder Bill Gates and Linus Torvalds, the creator of the Linux kernel, recently met for the first time. The historic encounter took place at a dinner hosted by Sysinternals' creator Mark Russinovich.
This rare moment brought together icons from Linux and Windows, with Microsoft’s Dave Cutler also meeting Torvalds for the first time. As Russinovich humorously noted in a LinkedIn post, “No major kernel decisions were made.” https://www.linkedin.com/posts/markrussinovich_i-had-the-thrill-of-a-lifetime-hosting-dinner-activity-7341857033932914691-f5Kw/
#Linux #LinuxKernel #Windows #BillGates #Linus #LinusTorvalds #MSFT #Microsoft #Tech #Technology #RareMoment #TechWorld #OperatingSystem #OS #Kernel #Sysinternals #DaveCutler
ProcDump 3.4.1 for Linux and Sysmon 1.3.5 for Linux now available.
EPISODE 10 - Scott & Mark Learn To... Zoomit with Scott Hanselman & Mark Russinovich | Wed at 12:15pm EST.
#BSI WID-SEC-2025-0231: [NEW] [UNPATCHED] [medium] #Microsoft #SysInternals: Vulnerability allows code execution
A local attacker can exploit a vulnerability in Microsoft SysInternals to execute arbitrary program code.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0231
ZoomIt v9.0 from Sysinternals.
This release adds drawing and annotation on top of live windows and the desktop.
https://techcommunity.microsoft.com/blog/sysinternals-blog/zoomit-v9-0/4358021
#windows #powerusers #sysinternals #utilities
Announcing ZoomIt v9.0 with LiveDraw and LiveZoom
No more freezing before sketching/writing. Now you can write/draw on the Windows desktop & over applications that are actively moving on the screen.
And it's still free! 😁
https://techcommunity.microsoft.com/blog/sysinternals-blog/zoomit-v9-0/4358021
Premiering tomorrow: EPISODE 6 - Scott & Mark Learn To... Take a Dump.
https://buff.ly/3ZwJETv
#podcast #devcommunity #programming #productivity #debugging #windowsdev #sysinternals
Today I'm really pissed off.
The website of my #remote #desktop management application of choice has been blocked by our corporate policies, therefore I can't download any more updates for it...
So this application is unsafer by a tiny bit every day new versions are not installed and I cannot guarantee, under my responsibility, that it is being stewarded (...updated, assessed...) correctly. So I can only remove it from my system.
Why don't I use a single RDP server and access all the others via console? Yes, I do it for most of the job, but sometimes you've got to see what it feels like, you need to launch installers, applications and graphical tools that all the #Powershell of the world can't give you feedback about.
Why don't I use #RDM by #Sysinternals? Because I can't do it properly, as some specific settings in our environment make it unusable. Well, I could use it if I really wanted to script the remote servers creation phase, injecting the extra settings needed by the .rdp files, but...
Fuck you! I refuse
I will not do this. I will just keep a folder where I'll add a new .rdp file, manually crafted, every time I need to access one of my more than 700 supported Windows servers. It will take an insane amount of time, but this is how my company wants to spend their money, otherwise they would have provided me with the same capability they took away from me.
I was so pissed off that without realizing I built my menu-based RDM app from the ground up in Powershell, and I'm going to share it on #Codeberg in the next few days.
* List servers in a .csv file with some properties
* Pattern-search or filter the list by properties
* Connect to a server via mstsc
* Generate the .rdp for a server
* Add (or update) a server to the list
* Remove a server from the list
* Keeps track of last connection timestamp and connection count for each server
Select command: (<C>onnect, <G>enerate .rdp, <L>ist, <A>dd, <R>emove, e<X>it)?