For those who forget their USB drive of tools while on the job: http://live.sysinternals.com/

Also, if you like the tools, I came across this Malware Analysis video from Mark Russinovich (author of the Sysinternals suite) a couple of years back. For those not familiar with the tools, it's definitely worth a watch. My personal fav tool/feature would be the dumping of strings from volatile memory using process explorer.

Here's the video: http://www.microsoft.com/emea/spotlight/sessionh.aspx?videoid=359

On Thu, Feb 11, 2010 at 7:32 PM, Matthew Lye <[email protected]> wrote:
> I went and cached the site, especially all the source code.
> Never know if MS is going to let a good thing keep going.
> -Matthew Lye
>
> You can do anything you set your mind to when you have vision,
> determination, and an endless supply of expendable labor.
> <No trees were harmed during this transmission. However, a great number of
> electrons were terribly inconvenienced>
>
> On Fri, Feb 12, 2010 at 6:41 AM, Jack Daniel <[email protected]> wrote:
>>
>> One thing MS did right when they bought Sysinternals was bundle all of
>> the tools in a single compressed file for easier download.
>>
>> So, who else dropped everything a few years ago when the MS
>> acquisition of Sysinternals was announced and downloaded copies of
>> everything they could find?
>>
>> Jack
>>
>> On Thu, Feb 11, 2010 at 2:23 PM, Josh Ciceraro <[email protected]> wrote:
>> > I always put process explorer on all of my machines. It puts the task
>> > manager to shame. Microsoft should be embarrassed. Psexec is another
>> > awesome tool. I have just recently started using process monitor and the
>> > information you can get from it is just awesome.
>> >
>> > On Thu, Feb 11, 2010 at 1:34 PM, Butturini, Russell <[email protected]> wrote:
>> >>
>> >> Absolutely. Sysinternals tools are the BEST for forensics,
>> >> troubleshooting, systems management… Anything under the sun!
>> >> I use psinfo, psloggedon, pslist, listdlls, and logonsessions in my
>> >> forensics toolkit, and use process explorer as well when
>> >> investigating malware.
>> >>
>> >> ________________________________
>> >>
>> >> From: [email protected]
>> >> [mailto:[email protected]] On Behalf Of Tyler Robinson
>> >> Sent: Thursday, February 11, 2010 12:27 PM
>> >> To: PaulDotCom Security Weekly Mailing List
>> >> Subject: Re: [Pauldotcom] Sysinternals
>> >>
>> >> From both a white and grey hat perspective I love erd commander and
>> >> pstools, especially psexec. I would be lost without psexec.
>> >>
>> >> On Feb 11, 2010 11:23 AM, "Josh Ciceraro" <[email protected]> wrote:
>> >>
>> >> Hello,
>> >>
>> >> I was wondering if anyone here in the group uses any of the
>> >> Sysinternals tools and what are some favorites. I really like autoruns,
>> >> process explorer, and process monitor. Disk2Vhd seems pretty promising,
>> >> though I haven't played with it yet.
>> >>
>> >> --
>> >> kaizoku Josh
>> >>
>> >> _______________________________________________
>> >> Pauldotcom mailing list
>> >> [email protected]
>> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> >> Main Web Site: http://pauldotcom.com
>> >>
>> >> ******************************************************************************
>> >> This email contains confidential and proprietary information and is not to
>> >> be used or disclosed to anyone other than the named recipient of this email,
>> >> and is to be used only for the intended purpose of this communication.
>> >> ******************************************************************************
>> >
>> > --
>> > kaizoku Josh
>>
>> --
>> ______________________________________
>> Jack Daniel, Reluctant CISSP
>> http://twitter.com/jack_daniel
>> http://www.linkedin.com/in/jackadaniel
>> http://blog.uncommonsensesecurity.com
