And here we are with the 4th and last blog post of this series, the one covering the final debugging tool, the one you take out when nothing else works: Windows Debuggers!
And here we are on the 3rd post: Introduction to Autoruns and ProcDump.
The Sysinternals suite of tools is a collection of over 70 utilities that can be used to troubleshoot and diagnose a wide range of issues on a Windows system.
And here we are on the 2nd post: Introduction to Process Explorer and Process Monitor.
Before we start, repeat after me “When in doubt, run Procmon!”
Now that we’ve gotten the Russinovich mantra out of the way, let’s delve in!
This is the first post of a series of posts on Windows Troubleshooting.
The idea came after I spent a few weeks troubleshooting a very weird issue with the Windows Spooler, starting from the basic troubleshooting steps we all go through and ending up reverse engineering the service itself, while also going through many videos and books concerning this topic.
One interesting challenge that a recent request via Discord brought was how to handle secrets for automated/unattended processes on on-premises machines.
My initial interest in the PowerShell Secret Management module slowly waned as I realized that it’s not really meant for that purpose (though it can be made with a command), so I started wondering if it would be possible to actually have that working through Azure Key Vault in an easy manner.