#Sysinternals
Text
Microsoft releases new version of the Sysinternals Suite for Windows, Nano Server and ARM64
Microsoft recently released a new update (build 2023.03.30) of the Sysinternals Suite for Windows, Nano Server and ARM64. This free suite is aimed at IT Pros and Power Users and includes tools for process monitoring (Process Explorer and Process Monitor), hard disk monitoring and conversion (DiskMon and Disk2vhd), dump analysis (ProcDump), among…
#ARM64 #build 2023.03.30 #Microsoft #Nano Server #Process Explorer v17.03 #PsTools v2.5 #Sysinternals #Sysmon 1.1.1 for Linux #TCPView v4.18 #Windows
0 notes
Photo
(via Install SysInternals from the Microsoft Store)
0 notes
Text
Sysinternals' Process Monitor Version 4 Released
Source: https://isc.sans.edu/diary/rss/31026
More info: https://learn.microsoft.com/en-gb/sysinternals/downloads/procmon
4 notes
Text
A couple of notes from a techy young person who's been wrasslin' Windows for almost two years because of a bet, but is a Linux native:
* Get comfortable opening a terminal. There's a lot of useful programs that work better when the person telling you how to use them can just say "type this specifically" rather than having to learn all the ways the new update moved around all the graphical elements.
* Use a package manager. It's not worth it to try and remember to keep every little thing updated on its own. Choco can do it for you.
* Honestly? Stop the most egregious data collection from Windows, and give up on stopping everything. Do what you can to learn the ever-rotating steps it takes to block ads (because they are actually an affront to nature) - right now, uBlock Origin for your Firefox (and do use Firefox, everything else is Google these days) and searching for "tips, tricks" and/or "ads" in settings for Windows get most of them. To completely stop Windows data collection, you can use a tool called O&O ShutUp10, (package shutup10 on choco) but knowing what is and isn't safe to turn off is its own learning process. (Generally, turn off things it says are safe to.)
* If you actually need for some reason to be sure you aren't having data collected by the system, switch operating systems. Linux is the classic choice, and honestly is pretty user friendly imo these days. If you don't want to figure it out, though, honestly Macs are fine. I use them for work, they're functional, just too expensive. I'm not aware of nearly as many privacy concerns there, but I also work in about the least security-critical space possible so I've never had to check.
* Use the tool "autoruns" to decide what starts when on your computer. Google "sysinternals live" for instructions on how to run it off of the network - part of their deal with Microsoft when they were bought out is that their tools have to be available freely. They forgot to say it had to be publicised, but hey, it's at least available.
* That backup on a hard drive should really be stored somewhere that isn't your house, and that won't disappear due to interpersonal drama. Keep it with your childhood bestie you don't talk to much these days but who's always in your corner, not with your latest crush. Or with family, if you have family worth keeping it with. (I don't follow this advice, but I also high-key want to get out of that stupid bet.)
* For a specific password manager recommendation, I use Bitwarden. It's free for basically any use most folks could want from it, open source (so folks can and have checked that they aren't secretly stealing your passwords or storing them badly), and available most anywhere. Also, turn on two factor authentication. Where available, I use a YubiKey because it's easier than always being near my phone, but I also have an authentication app on my phone for the many, many places that don't take U2F or FIDO yet. (What those acronyms stand for isn't important, they're just different protocols for how to check to make sure you have a particular physical key to prove you're not just someone who guessed your password.)
Most importantly, never assume you're smart enough that you don't need to keep learning. This journey don't stop, and I don't think it should. Keep on going, and find ways to curate joy even when the digital world is becoming a digital wasteland. There's still people out there who make it worth it.
Me: oh yeah, if you think school photography is hard now, try imagining doing this with film.
The new girl: what’s film?
Me: … film. Like… film that goes in a film camera.
New girl: what’s that mean?
Me: … before cameras were digital.
New girl: how did you do it before digital?
Me:… with film? I haven’t had enough coffee for this conversation
114K notes
Text
🔧 Fix TLD_NOT_SUPPORTED WHOIS Error ⚡Quick & Easy Guide

Introduction
Running a WHOIS lookup and suddenly getting hit with the error "TLD_NOT_SUPPORTED" can feel frustrating—especially when you're just trying to grab some basic domain information. But don’t worry, this isn’t as complicated as it sounds. In this guide, I’ll break down why this error happens and, more importantly, how you can fix it. Let’s dive in and get your WHOIS queries back on track. 🚀
🔍 What Is a WHOIS Lookup, Anyway?
Before we jump into the solutions, let’s quickly cover the basics. A WHOIS lookup helps you find details about a domain name—like who owns it, when it expires, and where it’s registered. It’s super handy for everything from buying domains to cybersecurity checks. But sometimes, when you try to look up a domain, you might hit this error: "Failed to perform lookup using WHOIS service: TLD_NOT_SUPPORTED." This simply means the WHOIS tool doesn’t recognize or support the Top-Level Domain (TLD) of the domain you’re searching for. TLDs are the endings of domain names—like .com, .net, .org, or newer ones like .ai or .tech.
⚠️ Why Am I Seeing This Error?
There are a few reasons why this might be happening:
- The domain extension (TLD) isn’t supported by the WHOIS tool you’re using.
- Your WHOIS tool is outdated and doesn’t recognize newer TLDs.
- The server for that specific TLD isn’t properly set up in your system.
- Your network or firewall might be blocking the WHOIS service.
- Certain TLDs have restrictions due to privacy laws like GDPR.
The good news? Each of these issues has a fix. Let’s go through them step by step.
🔧 How to Fix the TLD_NOT_SUPPORTED Error
✅ 1. Double-Check the Domain Name
The simplest solution is often the most overlooked. A typo in the domain name could be causing the issue—especially if you’re dealing with unfamiliar TLDs. Try this:
- Make sure the domain is spelled correctly.
- Verify that the TLD is valid. For example, .comm or .coom won’t work—only .com will.
Still stuck? Move on to the next step.
🔄 2. Use an Updated WHOIS Tool
If your WHOIS tool is outdated, it might not recognize newer TLDs like .ai, .dev, or .app. How to update your WHOIS client:
- On Linux (Debian-based):
    sudo apt update && sudo apt upgrade whois
- On Windows:
  - Use PowerShell to install a fresh WHOIS tool.
  - You can also try using third-party WHOIS applications like Sysinternals WHOIS.
⚙️ 3. Set Up the Correct WHOIS Server
Not all WHOIS clients automatically know where to look for every TLD. You might need to manually point your tool to the right server. Here’s how:
- Run a WHOIS command using the specific TLD server:
    whois -h whois.nic.<tld> example.<tld>
  🔗 Example: For an .ai domain, type:
    whois -h whois.nic.ai example.ai
- On Linux systems, you can also edit the configuration file (/etc/whois.conf) to add missing WHOIS servers permanently.
🔒 4. Check Your Firewall and Network Settings
WHOIS lookups typically use port 43. If your network or firewall blocks this port, you won’t be able to run WHOIS queries. Here’s what you can do:
- Try connecting through a VPN to bypass network restrictions.
- Check your firewall settings and ensure port 43 is open for outgoing traffic.
🛡 5. Domain Registry Restrictions
Some domains hide WHOIS data due to privacy laws, like GDPR. In such cases, your lookup might not return any information, even if the TLD is supported. Solution:
- Use registrar-specific WHOIS lookup tools. For example:
  - GoDaddy WHOIS
  - Namecheap WHOIS
- Contact the domain registrar directly for more information.
📋 Quick Troubleshooting Cheat Sheet
| Problem | Solution |
|---|---|
| Incorrect or unsupported TLD | Double-check the domain name and TLD |
| Outdated WHOIS tool | Update your WHOIS client |
| Missing WHOIS server configuration | Manually set the correct WHOIS server |
| Firewall blocking WHOIS requests | Use a VPN or unblock port 43 |
| Privacy restrictions on domain | Use the registrar’s WHOIS tool |
🎨 Visual: How WHOIS Lookup Works
Here’s a simple illustration of the WHOIS lookup process and where things can go wrong: 🎨 (Image suggestion: A flow diagram showing a user sending a WHOIS request, the query traveling through the internet, hitting the WHOIS server, and either receiving the data or getting blocked due to TLD_NOT_SUPPORTED.)
💡 Final Thoughts
The "TLD_NOT_SUPPORTED" error can be annoying, but it’s usually easy to fix once you know what’s causing it. Whether it’s updating your WHOIS tool, checking your domain’s spelling, or tweaking network settings, one of these solutions should have you sorted in no time.
0 notes
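The server-selection and port 43 steps of the WHOIS guide above, as an added Python example that is not part of the original post: it asks a root WHOIS server which server handles a TLD, queries that server over TCP port 43, and builds the matching /etc/whois.conf line. The use of whois.iana.org and its refer:/whois: reply fields is an assumption not stated in the post, and the sample reply is constructed.

```python
import re
import socket
import sys

IANA_WHOIS = "whois.iana.org"  # assumption: IANA's root WHOIS service (not named in the post)
WHOIS_PORT = 43                # the port the post says must be open for outgoing traffic

# Constructed sample of a root-server reply for "ai" (illustrative, not captured output).
SAMPLE_IANA_REPLY = """\
% constructed sample reply
refer:        whois.nic.ai

domain:       AI
whois:        whois.nic.ai
"""


def tld_of(domain):
    """Return the lower-cased TLD of a domain, rejecting malformed names."""
    labels = domain.strip().rstrip(".").lower().split(".")
    if len(labels) < 2 or not all(re.fullmatch(r"[a-z0-9-]+", l) for l in labels):
        raise ValueError(f"not a valid domain name: {domain!r}")
    return labels[-1]


def parse_referral(reply):
    """Extract the TLD's WHOIS server from a 'refer:' or 'whois:' field, else None."""
    for field in ("refer", "whois"):
        match = re.search(rf"^{field}:[ \t]*(\S+)[ \t]*$", reply, re.MULTILINE | re.IGNORECASE)
        if match:
            return match.group(1).lower()
    return None


def whois_conf_line(tld, server):
    """Build an /etc/whois.conf entry: a regex matching the name, then the server."""
    return rf"\.{tld}$ {server}"


def whois_query(server, query, timeout=10.0):
    """Send one query (text plus CRLF over TCP 43) and return the full reply."""
    try:
        with socket.create_connection((server, WHOIS_PORT), timeout=timeout) as sock:
            sock.sendall(query.encode("utf-8") + b"\r\n")
            # The server closes the connection when the reply is complete.
            reply = b"".join(iter(lambda: sock.recv(4096), b""))
    except OSError as exc:
        # Timeouts and refusals here usually mean outbound port 43 is filtered.
        raise ConnectionError(f"cannot reach {server}:{WHOIS_PORT}: {exc}") from exc
    return reply.decode("utf-8", errors="replace")


def lookup(domain):
    """Find the TLD's WHOIS server via the root server, then query it."""
    tld = tld_of(domain)
    server = parse_referral(whois_query(IANA_WHOIS, tld))
    if server is None:
        raise LookupError(f"no WHOIS server is published for .{tld}")
    return server, whois_query(server, domain)


if __name__ == "__main__":
    if len(sys.argv) > 1:  # live lookup, needs outbound TCP 43
        server, reply = lookup(sys.argv[1])
        print(f"# answered by {server}\n{reply}")
    else:                  # offline demo on the constructed sample
        found = parse_referral(SAMPLE_IANA_REPLY)
        print(found, "->", whois_conf_line("ai", found))
```

A ConnectionError from the first query points at the firewall case in step 4, while a LookupError means the TLD has no server to point the client at.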
Text
8 best Sysinternals tools for Windows power users https://www.xda-developers.com/best-sysinternals-tools-windows/
0 notes
Text
Sysinternals - List of tools for Windows
Source: https://learn.microsoft.com/en-us/sysinternals/ The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows and Linux systems and applications. Read the official guide to the…
0 notes
Text
PsExec Usage and Important Commands
Hello, in this post about PsExec usage and important commands: PsExec is a command-line tool developed by Sysinternals and is especially useful for system administration and remote command execution in a domain. Some of the things you can do with PsExec in a domain are listed below. PsExec v2.43 Remote Command Execution With PsExec, in a domain…
0 notes
Text
Guide to Optimizing Windows VPS Performance: Keeping Your System Running Strong
Using a Windows VPS can bring many outstanding benefits for managing and deploying online applications. However, to get the most performance out of a VPS, optimization is essential. This article shares effective methods for optimizing a Windows VPS so that your system always runs at its best performance.
Why Optimize a Windows VPS?
Optimizing a Windows VPS not only helps the system run more smoothly but also reduces operating costs, strengthens security and improves the user experience. A slow VPS not only affects work progress but can also cause serious security and resource-management problems.
Ways to Optimize Windows VPS Performance
1. Configure the System Efficiently
System configuration is an important factor in ensuring that a Windows VPS runs efficiently. Make sure you have configured the operating system and services to match your needs. An overloaded configuration can cause delays and reduced performance.
Steps to take:
Optimize startup services: Remove unnecessary services that start with the system to reduce boot time and increase performance.
Set resource limits: Make sure applications do not consume too many resources and affect the operation of other services.
2. Reduce the Load on CPU and RAM
CPU and RAM are two important components that affect the performance of a Windows VPS. Reducing the load on CPU and RAM will help the system run faster and more stably.
Some ways to reduce the load:
Close unnecessary applications: Applications that are not in use but still run in the background can increase the load on CPU and RAM.
Adjust application priority: Set a higher priority for the more important applications to ensure they always have enough resources to run smoothly.
3. Perform Regular System Maintenance
Regular system maintenance is the best way to keep a Windows VPS running at peak performance. Maintenance includes activities such as updating the operating system, cleaning up the hard drive and checking the condition of hardware components.
Maintenance steps to perform:
Update the operating system: Always keep the operating system updated with the latest security patches and optimizations.
Clean up the hard drive: Delete temporary files, old log files and unnecessary data to free up disk space.
Check the hardware: Periodically check the condition of the hard drive, RAM and other components to detect and fix potential problems in time.
4. Optimize the Network Configuration
The network is an important factor for a VPS, especially when the system has to serve many users or services that require high bandwidth.
Ways to optimize the network configuration:
Use a faster DNS: Switch to DNS servers with fast response times to reduce latency when accessing the internet.
Install a firewall: A firewall not only helps protect the system but can also be configured to optimize network traffic and avoid wasting resources.
5. Use Dedicated Optimization Tools
Using dedicated system optimization tools can help you manage and optimize Windows VPS performance easily and effectively.
Two suggested tools:
CCleaner: This is a powerful tool that helps clean up the system, delete temporary files and optimize the registry, helping your VPS run faster.
Sysinternals Suite: This toolset includes many utilities that support monitoring, analyzing and optimizing system performance, suitable for professional users.
Conclusion
Optimizing a Windows VPS is a necessary step to ensure that your system always runs at peak performance. By applying the methods and tools introduced in this article, you will be able to improve the speed, stability and security of your VPS. Don't wait until the system runs into trouble to start optimizing; do it today to ensure your work always goes smoothly and efficiently.
0 notes
Text
Best tool to identify which application is going through which ports
0 notes
Text
“Ethical Hacking Toolbox: Essential Tools and Strategies”
Essential Tools for Ethical Hacking
Ethical hackers rely on a variety of tools and software to effectively identify and assess vulnerabilities in computer systems and networks. These tools are essential for conducting successful ethical hacking engagements. Let’s explore some of the key tools used in the field:
1. Nmap (Network Mapper) Nmap is a versatile open-source tool that serves as a network scanner and mapper. It excels in discovering open ports, services, and operating systems running on a network. Nmap’s extensive capabilities make it a fundamental tool for reconnaissance and vulnerability assessment.
2. Wireshark Wireshark is a widely-used network protocol analyzer, enabling ethical hackers to monitor and capture data on a network in real time. With its packet-sniffing capabilities, Wireshark helps in analyzing network traffic, identifying potential security issues, and understanding the communication between devices.
3. Metasploit Metasploit is a powerful penetration testing framework that empowers ethical hackers to identify, exploit, and validate vulnerabilities in target systems. It offers a vast collection of pre-built exploits, payloads, and auxiliary modules, making it an essential tool for both beginners and experienced professionals.
5. Aircrack-ng Aircrack-ng is a robust suite of tools for auditing and securing wireless networks. Ethical hackers can utilize Aircrack-ng to assess the security of Wi-Fi networks, perform packet capture and analysis, and test the strength of wireless encryption protocols. This tool is especially valuable for identifying weaknesses in wireless network configurations.
6. Nikto Nikto is a web server scanner that helps ethical hackers identify potential vulnerabilities in web servers and web applications. It scans for outdated software, security misconfigurations, and common issues, making it an essential tool for web security testing.
7. Hydra Hydra is a versatile password-cracking tool that ethical hackers use to perform brute-force and dictionary attacks on login systems. It supports various protocols and services, allowing testers to assess the strength of password security.
8. Ghidra Ghidra, developed by the National Security Agency (NSA), is a powerful open-source software reverse engineering tool. Ethical hackers use it to analyze and understand malware, decompile binaries, and inspect software for vulnerabilities.
9. John the Ripper John the Ripper is a popular password-cracking tool known for its speed and effectiveness. Ethical hackers rely on it to test the strength of password hashes and identify weak or easily guessable passwords.
10. Hashcat Hashcat is another widely used password-cracking tool that supports a variety of algorithms and attack modes. Ethical hackers can use Hashcat to recover forgotten passwords or audit the security of password hashes.
11. Snort Snort is an open-source intrusion detection system (IDS) that helps ethical hackers monitor network traffic for suspicious activities or known attack patterns. It aids in the early detection of potential security threats.
12. OpenVAS OpenVAS (Open Vulnerability Assessment System) is a full-featured vulnerability scanner that assists ethical hackers in identifying security weaknesses in networks and web applications. It offers comprehensive vulnerability assessment and reporting capabilities.
13. Cain and Abel Cain and Abel is a password recovery tool that ethical hackers use to recover passwords through various methods like dictionary attacks and cryptanalysis. It is particularly helpful for recovering forgotten passwords or assessing password security.
14. Sysinternals Suite The Sysinternals Suite, developed by Microsoft, is a collection of powerful system utilities. Ethical hackers use these tools to explore and troubleshoot Windows systems, as well as analyze system internals for potential security issues.
These essential tools empower ethical hackers to conduct thorough assessments of computer systems, networks, and applications, helping organizations strengthen their cybersecurity defences.
If you want to learn more about it, I highly recommend that you contact ACTE Technologies because they offer certifications and job placement opportunities. Experienced teachers can help you learn better. You can find these services both online and offline.
If you feel that my response has been helpful, make sure to follow me and it will encourage me to upload more content about Ethical hacking.
Thanks for spending your valuable time and upvotes here. Have a great day.
1 note
Text
Windows Sysinternals
http://i.securitythinkingcap.com/SwHg4z
0 notes
Text
Top Mobile Application Penetration Testing Tools for Android and iOS

A native mobile application is subjected to a security evaluation known as a “mobile application penetration test.” A smartphone-specific app is referred to as a “native mobile application.” It is programmed in a particular language designed for the corresponding operating system, usually Swift for iOS and Java, BASIC, or Kotlin for Android.
In the context of the mobile application, “data at rest” and “data in transit” security testing are often included in mobile app penetration tests. No matter if it is an Android, iOS, or Windows Phone app, this is true. As part of a penetration test, tools are used to automate some operations, increase testing speed, and detect flaws that can be challenging to find using only human analytic techniques.
In order to ensure exceptional accuracy and to harden a mobile app against malicious assaults, a manual penetration test offers a wider and deeper approach. While vulnerability assessments are responsible for identifying security flaws, penetration testing confirms that these issues are real and demonstrates how to take advantage of them. In order to access both the network level and important applications, penetration testing targets the app’s security flaws and weaknesses throughout the environment.
The mobile application vulnerability assessment and penetration testing (VAPT) locates exploitable flaws in code, systems, applications, databases, and APIs before hackers can find and take advantage of them. Utilizing harmful apps has the potential to be risky, and untested apps could include faults that expose the data of your company.
There are lots of mobile application penetration testing (Android or iOS) tools available, but we have mentioned the important, most-used tools and software.
Mobile Application (Android and iOS) Scanner:
MobSF: https://github.com/MobSF/Mobile-Security-Framework-MobSF
Android:
1. Apktool: https://apktool.org/
2. dex2jar: https://github.com/pxb1988/dex2jar
3. jadx-gui: https://github.com/skylot/jadx/releases
4. jd-gui: https://github.com/java-decompiler/jd-gui/releases/tag/v1.6.6
5. ClassyShark: https://github.com/google/android-classyshark/releases/tag/8.2
6. Bytecode-Viewer: https://github.com/Konloch/bytecode-viewer/releases/tag/v2.11.2
7. SDK Platform-Tools: https://developer.android.com/tools/releases/platform-tools
8. DB Browser for SQLite: https://sqlitebrowser.org/dl/
9. Frida: https://github.com/frida/frida
10. Objection: https://github.com/sensepost/objection
11. fridump: https://github.com/Nightbringer21/fridump
12. Magisk Manager: https://magiskmanager.com/
13. Xposed Framework: https://forum.xda-developers.com/t/official-xposed-for-lollipop-marshmallow-nougat-oreo-v90-beta3-2018-01-29.3034811/
14. ProxyDroid: From Play Store
iOS:
1. plist-viewer: https://github.com/TingPing/plist-viewer/releases
2. Ghidra: https://ghidra-sre.org/
3. Frida: https://github.com/frida/frida
4. Objection: https://github.com/sensepost/objection
5. fridump: https://github.com/Nightbringer21/fridump
6. iOS App Dump: https://github.com/AloneMonkey/frida-ios-dump
7. Jailbreaking Apps:
Unc0ver: https://unc0ver.dev/
Checkra1n: https://checkra.in/
8. Otool: Available with Xcode - https://inesmartins.github.io/mobsf-ipa-binary-analysis-step-by-step/index.html
9. 3uTools: http://www.3u.com/
10. Keychain Dumper: https://github.com/ptoomey3/Keychain-Dumper
11. Cydia Apps:
SSL Killswitch 2
Shadow
Liberty
Frida
12. Strings: https://learn.microsoft.com/en-us/sysinternals/downloads/strings
13. DB Browser for SQLite: https://sqlitebrowser.org/dl/
14. Hopper: https://www.hopperapp.com/
15. Burpsuite: https://portswigger.net/burp/communitydownload
In essence, the mobile application VAPT locates exploitable flaws in code, systems, applications, databases, and APIs before hackers can find and take advantage of them. Utilizing harmful apps has the potential to be risky, and untested apps could include faults that expose the data of your company. The mobile application penetration testing services by Elanus Technologies identify security risks in android and iOS apps and devices. Get in touch to secure your devices today!
0 notes