sysinternals

Sysmon configuration file template with default high-quality event tracing

A Linux version of the ProcDump Sysinternals tool

Utilities for Sysmon

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Secure delete files with right click. GUI for Sysinternals SDelete tool

Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them should be moved or re-moved.

AwesomeWallpaper plays videos, shows images and system info on your desktop wallpaper

Volatility Explorer Suit

A ProcMon-esque tool for monitoring Windows Kernel Drivers

Code from process of reversing Sysinternals Suite for educational purposes, with videos to associate them

Scoop bucket for Sysinternals

Exploring Python3 Language from a Computing Perspective

Anti-Ransomware to mitigate and neutralize Ryuk Threat.

A PowerShell script to prevent Sysmon from writing its events

A command line tool that sends its input data to a running procmon instance.

Code example of detecting open process handles to our process (C/C++, Windows)

A re-creation of SysInternals BGInfo that doesn't touch the desktop wallpaper.

Small footprint executable triggering desktop background refreshes, helping to improve user experience and accessibility in VDI environments.

APC Injection is a code injection technique which bypasses TLS callback protections (Windows OS)

This repository contains tools and utilities used for developer