SysInternals — The Other Way Around

Kamran Saifullah
Feb 6, 2022

At some point in our professional lives, we have all used the SysInternals Suite. I personally have used these utilities extensively throughout my career as well.

The utilities in the SysInternals Suite are grouped into the following categories:

  • File and Disk Utilities
  • Networking Utilities
  • Process Utilities
  • Security Utilities
  • System Information
  • Miscellaneous

In this article, we are going to look at other ways to run these utilities on a system where they are not already available.

Traditional Approach

In the traditional approach, we simply go to the Microsoft URL below and download the ZIP file.

Once we have downloaded the ZIP file, all we need to do is add it to the PATH so that we can call the utilities directly from the Command Prompt, a PowerShell prompt or the new Windows Terminal.

The Online Approach

Microsoft also provides a Live domain that hosts all the SysInternals utilities. If we are not interested in downloading the complete ZIP file, we can download individual utilities from the URL mentioned below.

Adding SysInternals To PATH

To add the folder to the PATH variable, we can open the Windows Environment Variables dialog or, if you are a big fan of Windows Terminal, type the following.

sysdm.cpl

Then click Environment Variables, edit PATH, add the SysInternals Suite location to it, and we are good to go.

Loading SysInternals Via Terminal

We can load the SysInternals utilities directly from the command prompt as well, but some requirements have to be met first.

1. First, type the following to check whether we can access the domain.

It seems that we are not able to access it: the network path was not found.

2. Check whether the WebClient Service is running or not.

If it is stopped, we can simply start it with the Start-Service cmdlet.

3. Launch the Network and Sharing Center and enable Network Discovery.

control.exe /name Microsoft.NetworkAndSharingCenter

4. Install the WebDAV feature on Windows Server.

Install-WindowsFeature WebDAV-Redirector -Restart

5. Check the WebDAV feature on Windows Server.

Get-WindowsFeature WebDAV-Redirector

6. Once we are done and have an active internet connection on the machine, we can simply launch the tools directly from the terminal.

\\live.sysinternals.com\tools\procmon.exe

7. We can also create a mapped drive.

net use * \\live.sysinternals.com\tools\
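The steps above run an executable straight from an internet-hosted WebDAV share, so a check worth adding is to verify its Authenticode signature before launching it. The script below is an added example, not part of the original article; the staging path under $env:TEMP and the expected signer organisation ("Microsoft Corporation") are assumptions.

```powershell
# Added example: check the prerequisites from the steps above, then verify
# the tool's signature before running it.
$share = '\\live.sysinternals.com\tools'   # UNC path used in the article
$tool  = 'procmon.exe'                     # tool used in the article
$local = Join-Path $env:TEMP $tool         # assumed local staging location

# The WebClient service provides the WebDAV redirector (step 2).
$svc = Get-Service -Name WebClient -ErrorAction SilentlyContinue
if (-not $svc) {
    throw 'WebClient service not found. On Windows Server, install WebDAV-Redirector first.'
}
if ($svc.Status -ne 'Running') {
    Start-Service -Name WebClient          # requires an elevated prompt
}

# Confirm the share is reachable (step 1).
if (-not (Test-Path -Path $share)) {
    throw "Cannot reach $share (network path not found)."
}

# Copy locally so that the file we verify is the same file we execute.
Copy-Item -Path (Join-Path $share $tool) -Destination $local -Force

# Require a valid signature chain and the expected signer (assumption:
# the tools are signed with a certificate issued to Microsoft Corporation).
$sig    = Get-AuthenticodeSignature -FilePath $local
$signer = $sig.SignerCertificate.Subject
if ($sig.Status -ne 'Valid' -or $signer -notmatch 'O=Microsoft Corporation') {
    Remove-Item -Path $local -Force
    throw "Refusing to run ${tool}: status '$($sig.Status)', signer '$signer'."
}

Write-Host "Signature valid, signed by: $signer"
& $local
```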

That’s All
