More Tools for Windows 🍌

In this room, our focus has been on command-line built-in tools readily available on any modern MS Windows system. We didn’t cover Graphical User Interface (GUI) tools; moreover, we didn’t cover any programs requiring additional downloading and installation steps.

This task mentions three options that are not built-in command-line tools:

• Sysinternals Suite

• Process Hacker

• GhostPack Seatbelt

Sysinternals Suite

The Sysinternals Suite is a group of command-line and GUI utilities and tools that provides information about various aspects related to the Windows system. To give you an idea, we listed a few examples in the table below.

Utility Name	Description
Process Explorer	Shows the processes along with the open files and registry keys
Process Monitor	Monitor the file system, processes, and Registry
PsList	Provides information about processes
PsLoggedOn	Shows the logged-in users

Check Sysinternals Utilities Index for a complete list of the utilities. If you want to learn more and experiment with these different utilities, we suggest the Sysinternals room.

Process Hacker

Another efficient and reliable MS Windows GUI tool that lets you gather information about running processes is Process Hacker. Process Hacker gives you detailed information regarding running processes and related active network connections; moreover, it gives you deep insight into system resource utilization from CPU and memory to disk and network.

GhostPack Seatbelt

Seatbelt, part of the GhostPack collection, is a tool written in C#. It is not officially released in binary form; therefore, you are expected to compile it yourself using MS Visual Studio.