Most other OSes have the functionality of these tools as built-ins. If anything it’s concerning to see that Windows still doesn’t include features out of the box.
First of all, not really. GNU doesn't do everything. It's important to remember that distros -- BSD or Linux -- are aggregations of software packages from many different developers, most of whom have no relationship to each other. Other operating systems including Android, Mac OS, and even iOS use these same open source tools, too, so they can't really be said to include these tools as a result of their own development, either.
Second of all, much of the work was still done by Microsoft. The vast majority of NirSoft's tools just use the existing WinAPI. The functionality was already there. Indeed, many of these tools are alternative versions of tools which are already provided by Microsoft.
you managed to write two paragraphs and the only relevant arguments you made were the words "not really."
you conflate GNU with the concept of a distro, pretend that a distro is something other than an operating system, and then bizarrely give microsoft credit for "WinAPI" like other operating systems don't have APIs.
What it boils down to is almost all of these tools are readily available as vetted and integrated parts of other modern operating systems and on Windows you get to download this stuff and play with antivirus settings instead.
This reminds me of the advent of Windows XP, when Windows finally shipped with the ability to do things other operating systems had for years, such as unzipping files and looking at JPG. Maybe one day, Windows will have this functionality available to the user out of the box... but that day is not today.
> you managed to write two paragraphs and the only relevant arguments you made were the words "not really."
That's because that was the argument. You're comparing apples and oranges.
First, none of the NirSoft utilities are core OS features. Those that look like they might be are just alternate versions of what Microsoft provided.
So your argument isn't a criticism of operating system design. It's a criticism of software distribution model. You're not saying that Windows isn't capable of doing these things, you're just saying, "Windows doesn't have a universal package manager that allows me to easily install them." If Windows did have a good, universal package manager for free user and system utilities, these utilities would almost certainly be in that repository. However, they don't fit well into the design of NuGet (which is developer focused) or Chocolatey (which is generic, but enterprise focused) or PowerShell Gallery (which is PowerShell exclusive) or the Windows Store (which has no traction).
Maybe you're too young to remember when not all distros had package managers and repositories, but having to find your utilities online, having to download them and then compile and install them yourself used to be completely normal. That was standard. It's not an inherently flawed system. The only reason Linux had to go that way from that model was because of dependency hell. There were too many pieces moving in too many different directions and too many breaking changes. In other words, Linux had such a rats nest of incompatible versions that it required someone to create distributions which included vetted package management because it was an absurd amount of work to maintain a system otherwise. That's why even today Linux distros tell their users not to download and install software that didn't pass through their testing process.
Windows has never had that problem because Microsoft worked very hard not to break backward compatibility, even between edtions, so it was never considered necessary. That is, until Apple decided to open their own package manager: the Apple store. And it made Apple even richer. And the Google Play store does the same for Google. And now you see why package managers and repositories can also be bad: they can be walled gardens or revenue farms, neither of which are necessarily acting for the benefit of the user.
So your argument kind of boils down to, "Microsoft doesn't have a walled garden!" You're right! It doesn't! That's not a bad thing!
Windows is an OS. That's all. Linux distributions are an OS and an extremely diverse set of other software components which tells it's users to only use their vetted software unless you're prepared to deal with dependency hell again.
My comment was made from a user's point of view. I explicitly did not care about technicalities or who wrote what code. All I meant is that I can do things with an out-of-the-box Mac that require downloading third-party tools to do on Windows.
How Microsoft achieves that is their problem to figure out, whether they license these tools or reimplement their functionality, as long as the functionality is there out of the box. But I guess shoving ads (aka cancer) into the lock screen is higher on their list of priorities.
what most other OSes provide tools "out of the box" that are written by the OS authors? care to give some examples? this statement sounds oddly vague...
I love these tools, but my one "complaint" is that they're not open source.
I often find myself searching "how to find X in Windows", and the answer is to run one of these tools. But what I really want to know is how the tool does it.
Why would you want source code for that? WinAPI is visible in dependency viewers. File system operations visible in process monitor. Same with registry access. WMI queries are visible in event viewer (simple setup is required). Network activity is visible in sniffers.
Even when source code is available, these tools are both easier to use (reading source code can be very time consuming for large projects), and they give more accurate results.
By the way, sometimes I use these tools when I debug or troubleshoot my own software.
Source code only helps for simple programs. For sufficiently complex software, looking at source code increases development time instead of helping.
I was under the impression that most of these are small utilities.
I've learned more about posix and the GNU API reading the source code to busybox utilities (which is super easy because they're so somall) than just about anywhere else.
> about posix and the GNU API reading the source code
Windows has huge API surface. If you really want to learn it, I suggest reading books, not source code. E.g. “Windows internals” is descent one.
If you’re just interested how particular program works, with the tools that I’ve mentioned in the above comment, you’ll find more about the API than looking at the source code. Especially if you’re just learning. Many apps use big libraries like MFC or QT, the source code will tell you how the developer called these libraries, but the tools will tell you how the process interacts with OS. Due to the complexity of the libraries, can be huge differences between the two.
I don't understand the thesis - releasing the source code costs nothing and the user can choose whether to look at it or not. They could've spent the time apologising for virus ""false alarms"" publishing the code instead.
That way one can trivially look through it instead of wasting time on different analyzers.
1. Ensure it builds. Old software can only be built with old compilers, with old Windows SDK. Sometimes they also rely on old custom build tools. Other times builds requires manual steps.
2. Ensure you have not violated any copyrights or patents. The relevant laws are ridiculous these days, potentially, you can get in legal trouble even by copy-pasting stuff from stackoverflow.
3. Ideally, that it comes with documentation/comments, at least minimal.
Looking through is not enough. To be sure, you need to build the software and run the binaries you’ve built. Building third-party code, especially old one, can be very hard: dependencies, build environment, mismatched OS versions, and thousand more papercuts. I sometimes spending a whole day just to build some third-party project that I need to use. BTW I’ve been programming for living for couple decades now.
Even if it builds, security audit of a program longer than a couple pages of code is very non-trivial. If you’ll ask “how do you know they are longer than a couple pages?” the answer is “because GUI”. Despite user friendly, GUI usually require substantial amount of code. That’s probably the main reason why open source community is reluctant to create GUI apps despite users obviously prefer them over CLI.
Arguably, point 2 is the only real concern about releasing the source code - 1 and 3 are optional responsibilities that people take to a varying degree, with "Works On My Machine (tm) - no documentation - here be dragons" being a valid (though in my opinion not very kind) option.
I only see a potential problem with No. 2. The rest seems like a non-issue. Nobody is forcing the creator to spend his time writing extra documentation or build instructions - just post it and let the community sort it through.
Just as nobody is forcing people to sit and figure out the code - some are just interested in how the tool works and why AV software is really handing out ""false positives"". Personally, I just want to skim over it and see his style of writing and commenting.
Everybody else can go take a long walk off a short pier, if they're going to send angry emails about not being able to build something they didn't pay me for.
Imagine Breaking Bad, only with malware instead of drugs.
Nir Sofer has been around forever and has a great reputation in the Windows dev community, but^Wso he could do a lot of damage in a hurry if he wanted to.
I used these for years. Especially the Windows handles checker I found incredibly useful.
That being said: When I recently recommended it to a friend he complained about virus scanner warnings. When we ran the tool through Virus Total we had a considerable amount of warnings and these were not only from the heuristic checkers.
I have considerable trust in Nirsoft and maybe these warnings are wrong but on the other hand I have confidence in Virus Total too.
I've seen virus alerts for programs that I have written and compiled myself so many times that I don't trust antivirus by default. There are a number of API calls that trigger the alerts without further consideration.
Yup. Happened with SlimFTPd all the time around 2006 or so. Good tools that are easy to work with and very small get picked up by malicious actors very easily.
I absolutely love these tools. Being in digital forensics, these tools feel like such a nice gift to our DFIR community. By the off chance Nir is reading this: thank you so much for all your effort en dedication!
“In the beginning, NirSoft was hosted in some "free" Web hosting services like Tripod and multiservers.com
Unfortunately, these "free" Web sites produced a fair amount of annoying popup ads and some of them even tried to install unwanted Spywares on the computer of the site visitors. Also, after my site became pretty popular, they disabled my hosting account because I used too much resources on their server.
In August 2004, after suffering from all these free services, I decided to purchase a domain for my site (nirsoft.net) and host it in a non-free hosting service, in order make my Web site more reliable, friendly and secured. In the days that I started with nirsoft.net domain, my site was already popular more than an average Web site, with more than 90,000 unique visitors and 1.5 million hits in a month”
I agree, there is no reason for such tools to be closed source, but this looks mostly historic.
Developers coming from Windows background were historically less open source friendly, or simply didn't even consider such idea, even if they intended for their tools to be used and distributed without restrictions.
Another such known example are Windows Sysinternals tools by Mark Russinovich.
Blue screens on Windows aren't remotely as common as people think they are, but this tool will look at your dump file and can tell you very quickly what caused the error (typically, which driver). Back in the day this helped to identify a problem from the network driver that was affecting a certain subset of our workstations and allowed us to determine just how widespread the scope of the problem was. Turned out the image maintainer had used the wrong network driver.
We could have used WinDbg to do this, but at the time you had to install the whole damn Windows SDK to get it. This was a single executable and a library (I think).
For me, there was one that would transfer/edit the autocomplete files in Outlook, when formatting or transferring to a new computer, or fixing Exchange migration issues. Previously with IT client work (2002-2015 before cloud email took over) it was a godsend.
winlister for me. It is like process explorer for windows. When you develop something window related and you have no idea where is a window -- winlister can tell you whether it is hidden, or maybe have left-top out of the monitor
Every time I see this posted somewhere, I'm delighted to have sent Nir Sofer a few bucks through his Donate page.
I haven't actually used these tools in years -- I'm mostly off the Windows bandwagon now -- but back when I was referring to them constantly, it was wonderful to be able to say "thanks" for all the time he saved me.
I'm using these along with Sysinternals and Windows System Control Center [1] as launcher for both tools. NirSoft has own launcher but WSCC combines both tools sets along with Windows built-in programs
Edit: seems WSCC has been updated and it also includes MiTeC [2] tools as well, which are also interesting.
58 comments
[ 7.1 ms ] story [ 111 ms ] threadAnd here's the top 10, sorted by downloads https://www.nirsoft.net/top_utilities_downloads.html
Even so, it’s still a pretty cool list. Congratulations to the author!
Second of all, much of the work was still done by Microsoft. The vast majority of NirSoft's tools just use the existing WinAPI. The functionality was already there. Indeed, many of these tools are alternative versions of tools which are already provided by Microsoft.
you conflate GNU with the concept of a distro, pretend that a distro is something other than an operating system, and then bizarrely give microsoft credit for "WinAPI" like other operating systems don't have APIs.
What it boils down to is almost all of these tools are readily available as vetted and integrated parts of other modern operating systems and on Windows you get to download this stuff and play with antivirus settings instead.
This reminds me of the advent of Windows XP, when Windows finally shipped with the ability to do things other operating systems had for years, such as unzipping files and looking at JPG. Maybe one day, Windows will have this functionality available to the user out of the box... but that day is not today.
That's because that was the argument. You're comparing apples and oranges.
First, none of the NirSoft utilities are core OS features. Those that look like they might be are just alternate versions of what Microsoft provided.
So your argument isn't a criticism of operating system design. It's a criticism of software distribution model. You're not saying that Windows isn't capable of doing these things, you're just saying, "Windows doesn't have a universal package manager that allows me to easily install them." If Windows did have a good, universal package manager for free user and system utilities, these utilities would almost certainly be in that repository. However, they don't fit well into the design of NuGet (which is developer focused) or Chocolatey (which is generic, but enterprise focused) or PowerShell Gallery (which is PowerShell exclusive) or the Windows Store (which has no traction).
Maybe you're too young to remember when not all distros had package managers and repositories, but having to find your utilities online, having to download them and then compile and install them yourself used to be completely normal. That was standard. It's not an inherently flawed system. The only reason Linux had to go that way from that model was because of dependency hell. There were too many pieces moving in too many different directions and too many breaking changes. In other words, Linux had such a rats nest of incompatible versions that it required someone to create distributions which included vetted package management because it was an absurd amount of work to maintain a system otherwise. That's why even today Linux distros tell their users not to download and install software that didn't pass through their testing process.
Windows has never had that problem because Microsoft worked very hard not to break backward compatibility, even between edtions, so it was never considered necessary. That is, until Apple decided to open their own package manager: the Apple store. And it made Apple even richer. And the Google Play store does the same for Google. And now you see why package managers and repositories can also be bad: they can be walled gardens or revenue farms, neither of which are necessarily acting for the benefit of the user.
So your argument kind of boils down to, "Microsoft doesn't have a walled garden!" You're right! It doesn't! That's not a bad thing!
Windows is an OS. That's all. Linux distributions are an OS and an extremely diverse set of other software components which tells it's users to only use their vetted software unless you're prepared to deal with dependency hell again.
How Microsoft achieves that is their problem to figure out, whether they license these tools or reimplement their functionality, as long as the functionality is there out of the box. But I guess shoving ads (aka cancer) into the lock screen is higher on their list of priorities.
I often find myself searching "how to find X in Windows", and the answer is to run one of these tools. But what I really want to know is how the tool does it.
Even when source code is available, these tools are both easier to use (reading source code can be very time consuming for large projects), and they give more accurate results.
By the way, sometimes I use these tools when I debug or troubleshoot my own software.
Source code only helps for simple programs. For sufficiently complex software, looking at source code increases development time instead of helping.
I've learned more about posix and the GNU API reading the source code to busybox utilities (which is super easy because they're so somall) than just about anywhere else.
Windows has huge API surface. If you really want to learn it, I suggest reading books, not source code. E.g. “Windows internals” is descent one.
If you’re just interested how particular program works, with the tools that I’ve mentioned in the above comment, you’ll find more about the API than looking at the source code. Especially if you’re just learning. Many apps use big libraries like MFC or QT, the source code will tell you how the developer called these libraries, but the tools will tell you how the process interacts with OS. Due to the complexity of the libraries, can be huge differences between the two.
When you release code, you need to do following.
1. Ensure it builds. Old software can only be built with old compilers, with old Windows SDK. Sometimes they also rely on old custom build tools. Other times builds requires manual steps.
2. Ensure you have not violated any copyrights or patents. The relevant laws are ridiculous these days, potentially, you can get in legal trouble even by copy-pasting stuff from stackoverflow.
3. Ideally, that it comes with documentation/comments, at least minimal.
Neither of these are free, they’re quite time consuming. Speaking from experience, I did release a few things, e.g. https://github.com/Const-me/EsentSerialize/
> That way one can trivially look through it
Looking through is not enough. To be sure, you need to build the software and run the binaries you’ve built. Building third-party code, especially old one, can be very hard: dependencies, build environment, mismatched OS versions, and thousand more papercuts. I sometimes spending a whole day just to build some third-party project that I need to use. BTW I’ve been programming for living for couple decades now.
Even if it builds, security audit of a program longer than a couple pages of code is very non-trivial. If you’ll ask “how do you know they are longer than a couple pages?” the answer is “because GUI”. Despite user friendly, GUI usually require substantial amount of code. That’s probably the main reason why open source community is reluctant to create GUI apps despite users obviously prefer them over CLI.
Some days you just can't win.
Everybody else can go take a long walk off a short pier, if they're going to send angry emails about not being able to build something they didn't pay me for.
Imagine Breaking Bad, only with malware instead of drugs.
Nir Sofer has been around forever and has a great reputation in the Windows dev community, but^Wso he could do a lot of damage in a hurry if he wanted to.
If you really want to know, this is how you find out.
That being said: When I recently recommended it to a friend he complained about virus scanner warnings. When we ran the tool through Virus Total we had a considerable amount of warnings and these were not only from the heuristic checkers.
I have considerable trust in Nirsoft and maybe these warnings are wrong but on the other hand I have confidence in Virus Total too.
https://blog.nirsoft.net/category/antivirus-issues/
To be fair most anti-virus has a massive false-positive rate.
I’ve had my own software, built from clean source with no fishy dependencies, flagged for whatever reason.
My trust in AV-tech is about zero.
https://blog.nirsoft.net/category/antivirus-issues/
“In the beginning, NirSoft was hosted in some "free" Web hosting services like Tripod and multiservers.com Unfortunately, these "free" Web sites produced a fair amount of annoying popup ads and some of them even tried to install unwanted Spywares on the computer of the site visitors. Also, after my site became pretty popular, they disabled my hosting account because I used too much resources on their server. In August 2004, after suffering from all these free services, I decided to purchase a domain for my site (nirsoft.net) and host it in a non-free hosting service, in order make my Web site more reliable, friendly and secured. In the days that I started with nirsoft.net domain, my site was already popular more than an average Web site, with more than 90,000 unique visitors and 1.5 million hits in a month”
Developers coming from Windows background were historically less open source friendly, or simply didn't even consider such idea, even if they intended for their tools to be used and distributed without restrictions.
Another such known example are Windows Sysinternals tools by Mark Russinovich.
Blue screens on Windows aren't remotely as common as people think they are, but this tool will look at your dump file and can tell you very quickly what caused the error (typically, which driver). Back in the day this helped to identify a problem from the network driver that was affecting a certain subset of our workstations and allowed us to determine just how widespread the scope of the problem was. Turned out the image maintainer had used the wrong network driver.
We could have used WinDbg to do this, but at the time you had to install the whole damn Windows SDK to get it. This was a single executable and a library (I think).
[1] https://tinyapps.org/
in times where typical app is bloated and weights as much as current chromium (because it is chromium/electron) it's nice to see such beauties
we've lost the art of programming in rush for fast development and making products just for sell
I haven't actually used these tools in years -- I'm mostly off the Windows bandwagon now -- but back when I was referring to them constantly, it was wonderful to be able to say "thanks" for all the time he saved me.
Stop using WHOIS. Start using RDAP. it is web cacheable, its JSON, and it has 302 redirection steering.
The RIRs are almost certainly throttling your WHOIS query if you walk the address space.
Edit: seems WSCC has been updated and it also includes MiTeC [2] tools as well, which are also interesting.
[1] - http://www.kls-soft.com/wscc/ [2] - http://mitec.cz/
Do this guy actually get any reasonable donation money here, to help with his software development effort, or web hosting fees?
Does any freeware software writers actually make any money from donations?
However, on the flip side, I continue to see articles of people selling their art on instagram [1].
[1] (https://www.news.com.au/lifestyle/real-life/sophie-tea-is-no...)