NirSoft, a collection of small and useful freeware utilities (nirsoft.net)
352 points by turrini 18 days ago | 58 comments

The most useful tool I've seen from here is BlueScreenView (https://www.nirsoft.net/utils/blue_screen_view.html).

Blue screens on Windows aren't remotely as common as people think they are, but this tool will look at your dump file and can tell you very quickly what caused the error (typically, which driver). Back in the day this helped to identify a problem from the network driver that was affecting a certain subset of our workstations and allowed us to determine just how widespread the scope of the problem was. Turned out the image maintainer had used the wrong network driver.

We could have used WinDbg to do this, but at the time you had to install the whole damn Windows SDK to get it. This was a single executable and a library (I think).

For me, there was one that would transfer/edit the autocomplete files in Outlook, when formatting or transferring to a new computer, or fixing Exchange migration issues. Previously with IT client work (2002-2015 before cloud email took over) it was a godsend.

N2KEdit. Yeah, that's a good one, too. Another case of an automated feature becoming too smart for its own good.

winlister for me. It is like process explorer for windows. When you develop something window related and you have no idea where a window is -- winlister can tell you whether it is hidden, or maybe has its left-top out of the monitor

BlueScreenView is probably one of the most used tools in my kit. From years of doing helpdesk I must have used this tens of times a week.

Nir Sofer: http://nirsoft.net/about_nirsoft_freeware.html

“In the beginning, NirSoft was hosted in some "free" Web hosting services like Tripod and multiservers.com. Unfortunately, these "free" Web sites produced a fair amount of annoying popup ads and some of them even tried to install unwanted Spywares on the computer of the site visitors. Also, after my site became pretty popular, they disabled my hosting account because I used too much resources on their server. In August 2004, after suffering from all these free services, I decided to purchase a domain for my site (nirsoft.net) and host it in a non-free hosting service, in order to make my Web site more reliable, friendly and secured. In the days that I started with nirsoft.net domain, my site was already popular more than an average Web site, with more than 90,000 unique visitors and 1.5 million hits in a month”

I agree, there is no reason for such tools to be closed source, but this looks mostly historic.

Developers coming from a Windows background were historically less open source friendly, or simply didn't even consider such an idea, even if they intended for their tools to be used and distributed without restrictions.

Another such known example is the Windows Sysinternals tools by Mark Russinovich.

I love these tools, but my one "complaint" is that they're not open source.

I often find myself searching "how to find X in Windows", and the answer is to run one of these tools. But what I really want to know is how the tool does it.

Add the term "Win32" to your search results and you'll probably get something more relevant.

Yes! Win32 is the most useful Google filter when programming in Windows.

They are almost all simple enough that you can use something like IDA to see quite plainly which APIs they are calling out to.

If you really want to know, this is how you find out.

Why would you want source code for that? WinAPI is visible in dependency viewers. File system operations visible in process monitor. Same with registry access. WMI queries are visible in event viewer (simple setup is required). Network activity is visible in sniffers.

Even when source code is available, these tools are both easier to use (reading source code can be very time consuming for large projects), and they give more accurate results.

By the way, sometimes I use these tools when I debug or troubleshoot my own software.

Source code only helps for simple programs. For sufficiently complex software, looking at source code increases development time instead of helping.

I don't understand the thesis - releasing the source code costs nothing and the user can choose whether to look at it or not. They could've spent the time apologising for virus "false alarms" publishing the code instead. That way one can trivially look through it instead of wasting time on different analyzers.

> releasing the source code costs nothing

When you release code, you need to do the following.

1. Ensure it builds. Old software can only be built with old compilers, with old Windows SDK. Sometimes they also rely on old custom build tools. Other times builds require manual steps.

2. Ensure you have not violated any copyrights or patents. The relevant laws are ridiculous these days, potentially, you can get in legal trouble even by copy-pasting stuff from Stack Overflow.

3. Ideally, that it comes with documentation/comments, at least minimal.

Neither of these are free, they’re quite time consuming. Speaking from experience, I did release a few things, e.g. https://github.com/Const-me/EsentSerialize/

> That way one can trivially look through it

Looking through is not enough. To be sure, you need to build the software and run the binaries you’ve built. Building third-party code, especially old one, can be very hard: dependencies, build environment, mismatched OS versions, and thousand more papercuts. I sometimes spend a whole day just to build some third-party project that I need to use. BTW I’ve been programming for a living for a couple of decades now.

Even if it builds, security audit of a program longer than a couple pages of code is very non-trivial. If you ask “how do you know they are longer than a couple pages?” the answer is “because GUI”. Despite being user friendly, GUIs usually require a substantial amount of code. That’s probably the main reason why the open source community is reluctant to create GUI apps despite users obviously preferring them over CLI.

I only see a potential problem with No. 2. The rest seems like a non-issue. Nobody is forcing the creator to spend his time writing extra documentation or build instructions - just post it and let the community sort it through. Just as nobody is forcing people to sit and figure out the code - some are just interested in how the tool works and why AV software is really handing out "false positives". Personally, I just want to skim over it and see his style of writing and commenting.

I've had plenty of people swear at me because open source software I release won't build for them. It gets tiring and puts me in a bad mood all day.

So have some requirements and make sure it builds. File any other complaints in NUL.

And then you get a reputation for ignoring your users.

Some days you just can't win.

"Users" = "People who pay me."

Everybody else can go take a long walk off a short pier, if they're going to send angry emails about not being able to build something they didn't pay me for.

Arguably, point 2 is the only real concern about releasing the source code - 1 and 3 are optional responsibilities that people take to a varying degree, with "Works On My Machine (tm) - no documentation - here be dragons" being a valid (though in my opinion not very kind) option.

Regardless of whether you release the source or not, a patent violation is a violation. So 2) is a pointless worry.

Copyright and patents while using the Win32 API?

I was under the impression that most of these are small utilities.

I've learned more about POSIX and the GNU API reading the source code to busybox utilities (which is super easy because they're so small) than just about anywhere else.

> about posix and the GNU API reading the source code

Windows has a huge API surface. If you really want to learn it, I suggest reading books, not source code. E.g. “Windows Internals” is a decent one.

If you’re just interested in how a particular program works, with the tools that I’ve mentioned in the above comment, you’ll find more about the API than looking at the source code. Especially if you’re just learning. Many apps use big libraries like MFC or Qt, the source code will tell you how the developer called these libraries, but the tools will tell you how the process interacts with the OS. Due to the complexity of the libraries, there can be huge differences between the two.

> Why would you want source code for that?

Imagine Breaking Bad, only with malware instead of drugs.

Nir Sofer has been around forever and has a great reputation in the Windows dev community, but^Wso he could do a lot of damage in a hurry if he wanted to.

NirLauncher is a portable software package containing over 200 of these utilities. https://launcher.nirsoft.net/

And here's the top 10, sorted by downloads https://www.nirsoft.net/top_utilities_downloads.html

WSCC (Windows System Control Center) is a launcher/updater/manager for both NirSoft and Sysinternals. http://www.kls-soft.com/wscc/

WSCC combines Nirsoft and Sysinternals with added search. https://www.kls-soft.com/wscc/

My favorite part of the NirSoft website is the antivirus issues section of his blog.


Every time I see this posted somewhere, I'm delighted to have sent Nir Sofer a few bucks through his Donate page.

I haven't actually used these tools in years -- I'm mostly off the Windows bandwagon now -- but back when I was referring to them constantly, it was wonderful to be able to say "thanks" for all the time he saved me.

I absolutely love these tools. Being in digital forensics, these tools feel like such a nice gift to our DFIR community. On the off chance Nir is reading this: thank you so much for all your effort and dedication!

Those, combined with Sysinternals tools, are a must in IT support.

This reminds me of, and has me nostalgic about, TinyApps[1].

[1] https://tinyapps.org/

it's wonderful how tiny these apps are. complete e-mail client with full gui? 512KB.

in times where typical app is bloated and weighs as much as current chromium (because it is chromium/electron) it's nice to see such beauties

we've lost the art of programming in rush for fast development and making products just to sell

I used these for years. Especially the Windows handles checker I found incredibly useful.

That being said: When I recently recommended it to a friend he complained about virus scanner warnings. When we ran the tool through Virus Total we had a considerable amount of warnings and these were not only from the heuristic checkers.

I have considerable trust in Nirsoft and maybe these warnings are wrong but on the other hand I have confidence in Virus Total too.

I've seen virus alerts for programs that I have written and compiled myself so many times that I don't trust antivirus by default. There are a number of API calls that trigger the alerts without further consideration.

They have a section on their Website about the AV issues.


Thanks, I never came across that.

Just learned on his blog that Google owns VirusTotal. Which is fine I suppose.

Tools are so good malware started bundling it instead of reimplementing functionality = virus scanners equal tool presence with malware, lazy.

Yup. Happened with SlimFTPd all the time around 2006 or so. Good tools that are easy to work with and very small get picked up by malicious actors very easily.

> When we ran the tool through Virus Total we had a considerable amount of warnings and these were not only from the heuristic checkers.

To be fair most anti-virus has a massive false-positive rate.

I’ve had my own software, built from clean source with no fishy dependencies, flagged for whatever reason.

My trust in AV-tech is about zero.

Another discussion from about a year ago: https://news.ycombinator.com/item?id=16851021.

Love the NirSoft tools, especially the way they're self-contained to a handful of files and run without installers.


Stop using WHOIS. Start using RDAP. It is web cacheable, it's JSON, and it has 302 redirection steering.

The RIRs are almost certainly throttling your WHOIS query if you walk the address space.

I noticed his Donate link to PayPal.

Does this guy actually get any reasonable donation money here, to help with his software development effort, or web hosting fees?

Do any freeware software writers actually make any money from donations?

However, on the flip side, I continue to see articles of people selling their art on instagram [1].

[1] (https://www.news.com.au/lifestyle/real-life/sophie-tea-is-no...)

I'm using these along with Sysinternals and Windows System Control Center [1] as launcher for both tools. NirSoft has its own launcher but WSCC combines both tool sets along with Windows built-in programs.

Edit: seems WSCC has been updated and it also includes MiTeC [2] tools as well, which are also interesting.

[1] - http://www.kls-soft.com/wscc/

[2] - http://mitec.cz/

Their multimonitor tool is so useful and I still use it till date to switch between my sitting and standing desk.

Nir Sofer is a great programmer. He can (should?) write an alternative OS to Windows: NirOS

I love Nirsoft, came back for their tools for years!

In a similar category, a tool that's gone offline recently is Rohitab's API Monitor - strace/ltrace for Windows.

Only for Windows, right?

Even so, it’s still a pretty cool list. Congratulations to the author!

Most other OSes have the functionality of these tools as built-ins. If anything it’s concerning to see that Windows still doesn’t include features out of the box.

First of all, not really. GNU doesn't do everything. It's important to remember that distros -- BSD or Linux -- are aggregations of software packages from many different developers, most of whom have no relationship to each other. Other operating systems including Android, Mac OS, and even iOS use these same open source tools, too, so they can't really be said to include these tools as a result of their own development, either.

Second of all, much of the work was still done by Microsoft. The vast majority of NirSoft's tools just use the existing WinAPI. The functionality was already there. Indeed, many of these tools are alternative versions of tools which are already provided by Microsoft.

My comment was made from a user's point of view. I explicitly did not care about technicalities or who wrote what code. All I meant is that I can do things with an out-of-the-box Mac that require downloading third-party tools to do on Windows.

How Microsoft achieves that is their problem to figure out, whether they license these tools or reimplement their functionality, as long as the functionality is there out of the box. But I guess shoving ads (aka cancer) into the lock screen is higher on their list of priorities.

you managed to write two paragraphs and the only relevant arguments you made were the words "not really."

you conflate GNU with the concept of a distro, pretend that a distro is something other than an operating system, and then bizarrely give microsoft credit for "WinAPI" like other operating systems don't have APIs.

What it boils down to is almost all of these tools are readily available as vetted and integrated parts of other modern operating systems and on Windows you get to download this stuff and play with antivirus settings instead.

This reminds me of the advent of Windows XP, when Windows finally shipped with the ability to do things other operating systems had for years, such as unzipping files and looking at JPG. Maybe one day, Windows will have this functionality available to the user out of the box... but that day is not today.

> you managed to write two paragraphs and the only relevant arguments you made were the words "not really."

That's because that was the argument. You're comparing apples and oranges.

First, none of the NirSoft utilities are core OS features. Those that look like they might be are just alternate versions of what Microsoft provided.

So your argument isn't a criticism of operating system design. It's a criticism of software distribution model. You're not saying that Windows isn't capable of doing these things, you're just saying, "Windows doesn't have a universal package manager that allows me to easily install them." If Windows did have a good, universal package manager for free user and system utilities, these utilities would almost certainly be in that repository. However, they don't fit well into the design of NuGet (which is developer focused) or Chocolatey (which is generic, but enterprise focused) or PowerShell Gallery (which is PowerShell exclusive) or the Windows Store (which has no traction).

Maybe you're too young to remember when not all distros had package managers and repositories, but having to find your utilities online, having to download them and then compile and install them yourself used to be completely normal. That was standard. It's not an inherently flawed system. The only reason Linux had to go that way from that model was because of dependency hell. There were too many pieces moving in too many different directions and too many breaking changes. In other words, Linux had such a rat's nest of incompatible versions that it required someone to create distributions which included vetted package management because it was an absurd amount of work to maintain a system otherwise. That's why even today Linux distros tell their users not to download and install software that didn't pass through their testing process.

Windows has never had that problem because Microsoft worked very hard not to break backward compatibility, even between editions, so it was never considered necessary. That is, until Apple decided to open their own package manager: the Apple store. And it made Apple even richer. And the Google Play store does the same for Google. And now you see why package managers and repositories can also be bad: they can be walled gardens or revenue farms, neither of which are necessarily acting for the benefit of the user.

So your argument kind of boils down to, "Microsoft doesn't have a walled garden!" You're right! It doesn't! That's not a bad thing!

Windows is an OS. That's all. Linux distributions are an OS and an extremely diverse set of other software components which tells its users to only use their vetted software unless you're prepared to deal with dependency hell again.

what most other OSes provide tools "out of the box" that are written by the OS authors? care to give some examples? this statement sounds oddly vague...
