Package proposal: systeminformer.vm #161

Closed
seanthegeek opened this issue Dec 7, 2022 · 11 comments · Fixed by #767
Labels
🌀 FLARE-VM A package or feature to be used by FLARE-VM 🆕 package New package request/idea/PR

Comments

@seanthegeek

Package Name

processhacker

Tool Name

Process Hacker

Package type

ZIP_EXE

Tool's version number

2.39

Category

Utilities

Tool's authors

Steven G (dmex), Others

Tool's description

A multi-purpose tool for monitoring process activity

Download URL

https://sourceforge.net/projects/processhacker/files/processhacker2/processhacker-2.39-bin.zip/download

Download SHA256 Hash

2afb5303e191dde688c5626c3ee545e32e52f09da3b35b20f5e0d29a418432f5

Why is this tool a good addition?

  • Discover which processes are using a file
  • See what programs have active network connections, and close them if necessary
  • View detailed stack traces with kernel-mode, WOW64 and .NET support
  • Create, edit and control services
@seanthegeek seanthegeek added the 🆕 package New package request/idea/PR label Dec 7, 2022
@mr-tz
Contributor

mr-tz commented Dec 7, 2022

Thanks for all the great package proposals, @seanthegeek!

@seanthegeek
Author

Phew. 15 and I'm finally done.

@mwilliams31
Contributor

System Informer is the successor to Process Hacker. Downloads page: https://systeminformer.sourceforge.io/nightly.php

@mr-tz
Contributor

mr-tz commented Jan 2, 2023

@seanthegeek should we add System Informer instead?

@MalwareMechanic
Collaborator

I vote for the System Informer. We could also add another shortcut simply named "processhacker" that links to this tool for those that aren't as familiar with this tool's name. Thoughts?

@mr-tz
Contributor

mr-tz commented Jan 5, 2023

👍 I don't think it's necessary to add the extra shortcut.

@Ana06
Member

Ana06 commented Mar 17, 2023

I like the idea of adding System Informer instead of Process Hacker. 👍

@Ana06 Ana06 self-assigned this Mar 20, 2023
@Ana06 Ana06 assigned Ana06 and unassigned Ana06 Jun 6, 2023
@Ana06
Member

Ana06 commented Jun 6, 2023

I am not sure how to install the tool. I have tried the downloads from https://systeminformer.sourceforge.io/nightly.php

  • I think it is not possible to use the setup download from the command line (it needs user interaction)
  • The binary download appears to not include the correct binary (there is no Intel 64, only Intel 32, and it complains when running it).

@mandiant/flare-vm any ideas?

@mr-tz
Contributor

mr-tz commented Jun 6, 2023

Hm, then we may have to defer until they provide proper binaries.

For the interaction part, we could use AutoIt (like for npcap) if we really wanted.

@Ana06
Member

Ana06 commented Oct 5, 2023

@Ana06 Ana06 added this to the FLARE-VM 2023 Q4 milestone Oct 5, 2023
@Ana06 Ana06 added the 🌀 FLARE-VM A package or feature to be used by FLARE-VM label Oct 6, 2023
@Ana06
Member

Ana06 commented Nov 17, 2023

https://systeminformer.sourceforge.io/nightly.php includes a binary that may be easy to install

@Ana06 Ana06 changed the title Package proposal: proceshacker.vm Package proposal: systeminformer.vm Nov 17, 2023
@d35ha d35ha self-assigned this Dec 6, 2023