Sysmon v11.0
This major update to Sysmon includes file delete monitoring and archive to help responders capture attacker tools, adds an option to disable reverse DNS lookup, replaces empty fields with ‘-‘ to work around a WEF bug, fixes an issue that caused some ProcessAccess events to drop, and doesn’t hash main data streams that are marked as being stored in the cloud.
LiveKD v5.63
This update fixes a regression with enumerating and dumping Hyper-V partitions on recent versions of Windows 10.
This update fixes a regression with enumerating and dumping Hyper-V partitions on recent versions of Windows 10.
Coreinvo v3.5
This release of Coreinfo, a tool that shows system CPU, memory and cache topology and information, now reports the status of restricted guest virtualization on Intel platforms.
This release of Coreinfo, a tool that shows system CPU, memory and cache topology and information, now reports the status of restricted guest virtualization on Intel platforms.
Process Explorer v16.32
This update resolves an issue where the application icon in the tree view was displayed incorrectly.
This update resolves an issue where the application icon in the tree view was displayed incorrectly.
Updated Apr 28, 2020
Version 1.0
