I've submitted my entry for the Bad UX World Cup!

A date picker where the values get populated by a snake game. The apple is a number that changes randomly.

Try it out at safia.rocks/BadDatePicker/ 🤪

🚀 New Sysinternals updates just dropped!
ZoomIt now supports image smoothing for crisper visuals
ProcDump for Linux adds restracking - no triggers needed

Grab the latest tools at sysinternals.com.

See what's new on the Sysinternals Blog: techcommunity.microsoft.com/blog/sysinte...

Interesting memory dump analysis in WinDbg. I think it's very useful not to show only the "golden path" to the solution!

OST2 is an amazing (and free!) platform for learning.

next goal: 12 hour stream :D

storage account with the website hosting option enabled?

Another excellent series is "The Case of the Unexplained" by Mark: www.youtube.com/watch?v=AJyr... #sysinternals

After so many posts about Sysinternals, you may be interested in learning more about the Sysinternals Suite. The official reference is the book "Troubleshooting with the Windows Sysinternals Tools" written by @markrussinovich.bsky.social and Aaron Margosis.

Canada looks truly beautiful. It's a country I absolutely want to visit... that incredible scenery!

In addition, it's a very good idea to set the environment variable _NT_SYMBOL_PATH. By default, it points to the Microsoft Symbol Server, but sometimes you may want to use other symbol servers (e.g., for Chromium). #sysinternals

It's possible to explore the stack of specific threads in Process Explorer. Unfortunately, the stack will not resolve properly without some modifications. Usually, you need to install the Debugging Tools for Windows (from the Windows SDK) and set the DbgHelp.dll path correctly.

not just one, but TWO streams this week!!! tomorrow at 7p EST, join us to celebrate the release of #aspire 9.5 (👀👀👀 stay tuned for more info), and for #aspirifridays we're going to try to deploy bingo AGAIN. subscribe!! see you soon!

www.youtube.com/watch?v=29zI...
www.youtube.com/watch?v=80ck...

You probably know about Autoruns. It's a great tool for analyzing startup apps from different sources. But do you also know the CLI version? It's called AutorunsC — great for exporting or piping the output, but you can't disable or delete entries with it. #sysinternals

Big news for .NET developers!
Starting with .NET 9, Standard Term Support (STS) releases will now be supported for 24 months instead of 18. Learn why this change matters and how it impacts your upgrade plans: msft.it/63320sWrrj
#dotnet #DeveloperUpdates

Why would lsass.exe consume an entire core of CPU time for minutes at a time? An ETW trace shows that it is spending its time in efscore.dll!EfspGetUserDecryptionKeyForHash. Inside that it spends most of its time opening/closing files in AppData\Roaming\Microsoft\SystemCertificates\My\Certificates

Only for Microsoft support cases. I think it makes sense from a Microsoft perspective, because you never know if the other person is capable of collecting the required logs. If you troubleshoot issues on your own, you know which logs are needed.

During your troubleshooting adventure, it's common that you want to filter to all write access. That's very easy with Process Monitor. You can just filter to Category is Write. That will work for file and registry activities.
#sysinternals

Another tool is the Sysinternals Azure DevOps Extension (marketplace.visualstudio.com/items?itemNa...). The extension gives you access to specific Sysinternals tools during the build process.
#sysinternals

Sysinternals continuously develops new tools, and it's not even limited to Windows. There is ProcDump for Linux (github.com/microsoft/Pr...) by @mariohewardt.com.

I'm not sure how I missed this article on Entra Kerberos, but it's the most comprehensive documentation I've seen yet, absolutely fantastic

If this is the "Introduction to Microsoft Entra Kerberos", I'm honestly a little scared to see the deep dive 🫣😅

learn.microsoft.com/...

Sysinternals jcd (jump change directory) is a Rust-based command-line tool that provides enhanced directory navigation with substring matching and smart selection. It's like the cd command, but with superpowers!

medium.com/@marioh_7832...

ProcMon & ProcDump is a great combination. ProcDump sends the output to ProcMon. The operation is "Debug Output Profiling" and gives a unified view.

Reference: Troubleshooting with the Windows Sysinternals Tools (page: 213)
#sysinternals

rdanalyzer.com but I think it's more or less dead now.

Thank you, I just found it a bit funny :-) Thanks for the new Visual Studio!