Sysinternals
Sysinternals: An extensive collection of powerful Windows utilities
Sysinternals provides many small Windows utilities that are quite useful for low-level Windows hacking and administration. Some are free of charge and a few include source code, while others are proprietary. Survey respondents were most enamored with:
- Process Explorer for keeping an eye on the handles (files, directories, registry keys, mutexes) and DLLs held open by any process, like lsof on UNIX.
- PsTools (PsExec, PsList, PsSuspend, PsKill and friends) for managing local and remote processes: executing, suspending, killing and detailing them.
- Autoruns for discovering every executable, DLL, driver, service and scheduled task configured to run at system boot or user login, which is where most persistence mechanisms hide.
- RootkitRevealer for detecting discrepancies between what the registry and file system APIs report and what is actually on disk, which may indicate the presence of a user-mode or kernel-mode rootkit.
- TCPView for viewing the TCP and UDP endpoints owned by each process, like netstat on UNIX but with the process name attached to each socket.
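The most common defensive use of Autoruns is not the GUI but its console sibling autorunsc.exe, run as a baseline-and-diff so that a new persistence entry stands out. The script below is an added example, not code from the original page or from the Sysinternals tools themselves. It assumes autorunsc.exe from the Sysinternals Suite is on PATH, that the script runs in an elevated PowerShell (autorunsc only sees all locations as administrator), and that the CSV columns have the names shown (Entry Location, Launch String, Image Path, Signer, SHA-256); the baseline file path is an arbitrary choice.

```powershell
# Added example: snapshot autostart entries with autorunsc.exe, diff against a saved
# baseline and flag images whose Authenticode signature could not be verified.
# Assumes autorunsc.exe is on PATH and the session is elevated. Column names below are
# those emitted by "autorunsc -c -h -s"; the baseline path is just an assumption.
param(
    [string]$Baseline = "$env:ProgramData\autoruns-baseline.csv",
    [switch]$SaveBaseline
)

function Get-AutostartEntries {
    # -a * : every category, -c : CSV output, -h : file hashes, -s : verify signatures.
    # -nobanner and -accepteula keep the output purely machine-readable.
    $raw = & autorunsc.exe -accepteula -nobanner -a '*' -c -h -s 2>$null
    # Drop blank lines before parsing so the first row is the CSV header.
    $raw | Where-Object { $_ -match '\S' } | ConvertFrom-Csv
}

$current = Get-AutostartEntries

if ($SaveBaseline -or -not (Test-Path $Baseline)) {
    $current | Export-Csv -NoTypeInformation -Path $Baseline
    Write-Host "Baseline written to $Baseline ($($current.Count) entries)"
    return
}

$old = Import-Csv -Path $Baseline

# Key each entry on location + launch string + SHA-256 so that a binary swapped in
# place (same registry value, different file) is reported as a change, not ignored.
$keyOf = { param($e) '{0}|{1}|{2}' -f $e.'Entry Location', $e.'Launch String', $e.'SHA-256' }
$oldKeys = @{}
foreach ($e in $old) { $oldKeys[(& $keyOf $e)] = $true }

$new = $current | Where-Object { -not $oldKeys.ContainsKey((& $keyOf $_)) }

# autorunsc prefixes verified signers with "(Verified)"; anything else is unsigned,
# unverifiable, or a file that no longer exists (a classic hijack opportunity).
$unsigned = $current | Where-Object { $_.'Image Path' -and $_.Signer -notlike '(Verified)*' }

"=== New or changed since baseline: $($new.Count) ==="
$new | Format-Table 'Entry Location', Entry, 'Image Path', Signer -AutoSize
"=== Unsigned or unverifiable images: $($unsigned.Count) ==="
$unsigned | Format-Table Entry, 'Image Path', Signer -AutoSize
```

Run it once with -SaveBaseline on a known-good system, then periodically (or from a scheduled task) without the switch; the diff section is what you triage, and the unsigned section is worth a look even on the first run, since a "File not found" entry is a path an attacker can fill.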