Lmst

#Windows :windows: integriert #Sysmon nativ | Security https://www.heise.de/news/Sysmon-wird-Windows-Bestandteil-11084871.html #Windows11 #WindowsServer2025 #Sysinternals #SysinternalsSuite

https://winbuzzer.com/2025/11/18/microsoft-integrates-system-monitor-sysmon-into-windows-11-xcxwbn

Microsoft Integrates System Monitor (Sysmon) into Windows 11

#Windows11 #Sysmon #CyberSecurity #InfoSec #Microsoft #WindowsServer #Sysinternals #BlueTeam #ThreatHunting #EdgeAI #WindowsUpdate

ZoomIt v9.10, ProcDump 3.5 for Linux, and jcd 1.0.1 | Sysinternals buff.ly/UCS94Wf #devtools #sysinternals #windows #linux

ZoomIt v9.10, ProcDump 3.5 for...

ZoomIt v9.10, ProcDump 3.5 for Linux, and jcd 1.0.1 | Sysinternals

https://techcommunity.microsoft.com/blog/sysinternals-blog/zoomit-v9-10-procdump-3-5-for-linux-and-jcd-1-0-1/4461244

#devtools #sysinternals #windows #linux

quicktipp #103: inspecting the permissions of a named pipe on Windows with sysinternals `accesschk.exe`.

https://learn.microsoft.com/en-us/sysinternals/downloads/accesschk

#windows #sysinternals #namedpipe #winio #docker #microsoft #acl #sddl #powershell

$# this is Docker's named pipe on Windows: # \\.\pipe\docker_engine # let's display its permissions with # `accesschk.exe` from http://microsoft.com/sysinternals # using the `\pipe\<name>` path over `\\.\pipe\<name>` # avoids opening the pipe, which can cause problems # compact summary PS> accesschk.exe -nobanner -accepteula \pipe\docker_engine \\.\Pipe\docker_engine RW BUILTIN\Administrators RW NT AUTHORITY\SYSTEM RW mycomputer\docker-users # (the gist of it: the `docker_engine` pipe grants ReadWrite permissions to the local Windows group `docker-users`.) # the exact SDDL PS> accesschk.exe -nobanner -accepteula -L \pipe\docker_engine \\.\Pipe\docker_engine_windows O:BAD:P(A;;FA;;;BA)(A;;FA;;;SY)(A;;0x12019f;;;S-1-5-21-2792129516-4286106307-505588360-1006) # verbose PS> C:\tools\accesschk.exe -nobanner -accepteula -lv \pipe\docker_engine_windows\\.\Pipe\docker_engine DESCRIPTOR FLAGS: [SE_DACL_PRESENT] [SE_DACL_PROTECTED] [SE_SELF_RELATIVE] OWNER: BUILTIN\Administrators [0] ACCESS_ALLOWED_ACE_TYPE: BUILTIN\Administrators FILE_ALL_ACCESS [1] ACCESS_ALLOWED_ACE_TYPE: NT AUTHORITY\SYSTEM FILE_ALL_ACCESS [2] ACCESS_ALLOWED_ACE_TYPE: mycomputer\docker-users FILE_ADD_FILE FILE_CREATE_PIPE_INSTANCE FILE_APPEND_DATA FILE_LIST_DIRECTORY FILE_READ_ATTRIBUTES FILE_READ_DATA FILE_READ_EA FILE_WRITE_ATTRIBUTES FILE_WRITE_DATA FILE_WRITE_EA [...]$

🖥️ “Big Brother is Watching!” by Bartek Bielawski taught how to troubleshoot client machines remotely using #PowerShell without disrupting users: 🧰 #Sysinternals (Handle, Procmon, RAMMap) 📡 #pktmon > netsh 🧪 Smart prep = zero friction 🎟️ psconf.eu #RemoteSupport #PSConfEU

- YouTube

Oh, finally!

I find it *hella* annoying that #Windows is smart enough to tell me that there's a running program that is keeping me from ejecting a USB disk. ...WITHOUT telling me which bloody program it is.

So apparently, the trick is to use #Sysinternals Process Explorer and use the Find Handle feature.

And the answer is... #Dropbox? Fucking *Dropbox*? I *specifically* told Dropbox to not touch drives. Why would it even be doing that??? What's *wrong* with cloud storage service developers? I swear none of the apps work logically and all of them are janky as f

A Linux version of the Procmon Sysinternals tool

https://github.com/microsoft/ProcMon-for-Linux

#HackerNews #Linux #Procmon #Sysinternals #Tool #Microsoft #GitHub

Identify Which Process Is Blocking a File in Windows | by Orin Thomas. buff.ly/3jll5QS #sysinternals #windows #utilities #poweruser #itpro

Identify Which Process Is Bloc...

Identify Which Process Is Blocking a File in Windows | by Orin Thomas.

https://techcommunity.microsoft.com/blog/itopstalkblog/identify-which-process-is-blocking-a-file-in-windows/4432635

#sysinternals #windows #utilities #poweruser #itpro

Linus Torvalds and Bill Gates Meet for the First Time

In a surprising turn of events, Microsoft co-founder Bill Gates and Linus Torvalds, the creator of the Linux kernel, recently met for the first time. The historic encounter took place at a dinner hosted by Sysinternals' creator Mark Russinovich.

This rare moment brought together icons from Linux and Windows, with Microsoft’s Dave Cutler also meeting Torvalds for the first time. As Russinovich humorously noted in a LinkedIn post, “No major kernel decisions were made.” https://www.linkedin.com/posts/markrussinovich_i-had-the-thrill-of-a-lifetime-hosting-dinner-activity-7341857033932914691-f5Kw/

#Linux #LinuxKernel #Windows #BillGates #Linus #LinusTorvalds #MSFT #Microsoft #Tech #Technology #RareMoment #TechWorld #OperatingSystem #OS #Kernel #Sysinternals #DaveCutler