A month ago we wrote that Mark Russinovich, the current CTO of Microsoft Azure, but better known as the father of Sysinternals, was teasing a version of the famous utilities for ARM.
Sysinternals is a set of useful Windows utilities that expose the internal functioning of the OS and apps.
Now the tools are available to download from a directory on the Sysinternals website, linked to by a tweet by Hari Pulapaka, Principal Group Program Manager – Windows Kernel at Microsoft.
ARM64 versions Sysinternals – more coming. feel free to ask for specific tools if you want us to prioritize them higher. https://t.co/y36d0URiII
— Hari Pulapaka (@TheRealHariP) June 24, 2019
The directory appears somewhat bare-bones, but has a valid certificate signed by Microsoft. The collection currently includes only ProcDump64a, procexp64a and Procmon64a, but that seems to be a good start.
ARM hackers can find the collection here.