forensictools.dev

Sysinternals

by Tool host OS / runtime environment

Sysinternals by Tool host OS / runtime environment. A digital forensics tool suite for Windows investigations.

Platforms
Windows
Artifact types
Event Logs (EVTX), File System, Prefetch Files, Windows Registry
License
Open Source
Skill level
Intermediate
Version
v1
Website
http://www.microsoft.com
Use cases
incident response
Techniques
artifact parsing, post mortem