

When working on Windows as a sysadmin or developer, it’s hard to get around Microsoft’s Sysinternals Suite of tools. Especially ProcessExplorer, a powerful task manager replacement, and ProcessMonitor, a syscall tracing tool, are widely known. In this blogpost, I would like to mention some lesser known tools that might be equally useful. Therefore, the following isn’t a “top 100 best of list” but just a pick of some rather unknown tools that I found to be useful for some task.

ProcessHacker: A powerful task manager. Shares much of the functionality of Process Monitor from Sysinternals, but has some interesting differences and is (unlike the Sysinternals Suite) entirely Open Source.
Dependency Walker: Displays DLL dependencies of binaries. Similar to ldd on Linux and otool -m on macOS.
richprint: prints compiler information stored in a binary’s rich header (“Which Visual C compiler version was this binary built with?”).
.NET process explorer / assembly browser / decompiler
Detect-It-Easy: Analyze binaries: A binary/packer analyzer.
radare2: reverse engineering cmdline tools.
PDBRipper: Analyze binaries: Analyzes PDB files that get generated when compiling.
XNTSV: displays information on Windows system structures in binaries.
PE Explorer: A user-friendly disassembler (32-bit only).
Insomnia: a graphical HTTP client/debugger.
Postman: a graphical HTTP client/debugger.
httpie: cmdline tool for HTTP requests. Similar to curl, but more suited for the typical REST API calls.
CharlesProxy: Web Debugging Proxy: Intercept HTTP traffic for analysis.
ConEmu: A powerful Windows Terminal Emulator. The better “console window” for cmd.exe and PowerShell.
colortool: color profiles for the Windows terminal.
WSL-Distribution-Switcher: Run virtually any Linux distribution on Windows 10’s Windows Subsystem for Linux (not just the Ubuntu and SuSE distros from the Windows Store). Can automatically download any Docker image and install its filesystem on top of WSL.
Orca: Table viewer/editor for MSI installer files.
LDAPAdmin: graphical LDAP Directory browser. Like the Active Directory User & Computers console, but supports non-AD LDAP directories as well.
CodeTwo Active Directory Photos: Manages profile photos stored in Active Directory User objects.
SubInACL: cmdline tool to query/edit Windows ACLs (permissions for filesystem, registry, services).
Shexview: View (and disable) Windows Shell Extensions.
get_win8key: display the Windows 8 or 10 OEM license key stored in the computer’s firmware.
Way less powerful than Wireshark, but can perform capturing without having to install the winpcap driver.
audioswitch: Audio Volume Control (Tray Icon). Ever got annoyed having to deal with multiple audio devices on a Windows computer? Is your Skype client always using the wrong microphone?

Illustration: iStock/Getty Images (modified)
