The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows and Linux systems and applications.
- Read the official guide to the Sysinternals tools, Troubleshooting with the Windows Sysinternals Tools
- Read the Sysinternals Blog for a detailed change feed of tool updates
- Watch Mark's Sysinternals Update videos on YouTube
- Watch Mark’s top-rated Case-of-the-Unexplained troubleshooting presentations and other webcasts
- Read Mark’s Blog which highlight use of the tools to solve real problems
- Check out the Sysinternals Learning Resources page
- Post your questions in the Sysinternals Forum
Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as live.sysinternals.com/<toolname> or \\live.sysinternals.com\tools\<toolname>.
You can view the entire Sysinternals Live tools directory in a browser at https://live.sysinternals.com/.
What's New (September 29, 2023)
ProcDump 2.2 for Linux
This update to ProcDump for Linux adds support for Azure Linux and fixes a couple of memory leaks.
Sysmon 1.3 for Linux This update to Sysmon for Linux fixes a bug with rule case matching.
What's New (July 26, 2023)
This update to ZoomIt adds audio capture to screen recording.
ProcDump 2.0 for Linux
ProcDump for Linux, a flexible tool for manual and trigger-based process dump generation, receives two new .NET GC triggers (-gcm and -gcgen) and updates the existing memory trigger to allow for multiple thresholds.
What's New (June 27, 2023)
- Sysmon v15.0
This update to Sysmon, an advanced host security monitoring tool, sets the service to run as a protected process, hardening it against tampering, adds a new event,
FileExecutableDetected, for when new executable images are saved to files, and fixes a system hang occurring in certain situations due to an interaction between network and file system events.
What's New (May 24, 2023)
- ZoomIt v7.0
This update to ZoomIt, a screen magnification and annotation tool, adds the ability to screen record cropped regions or a specific window, and lets you snip regions of the screen or zoomed views to the clipboard or to a file in a single gesture.
What's New (March 9, 2023)
- Sysmon 1.1 for Linux
This update to Sysmon for Linux, an advanced host monitoring tool, adds support for a wider range of distributions (e.g., RHEL) by leveraging BTF enabled kernels.