netport v1.0 (command-line tool)

The execution of a command is known as a process. All multi-user operating systems have to run more than one process at the same time. netps is a Unix-like process listing command ps, from Net-Square that provides you with detailed information about active processes. netps is part of the Net-Square suite of tools and will work on the Windows family of products.


netexec's uses include -

  • Retrieving a process' handle, thread and module information

  • Retrieving a process' md5 hashes

  • Retrieving the parent PID of a process

  • Saving the results in XML or HTML formats

Installation

Just copy netps onto your executable path. Executing "netps" with no command line options displays usage syntax.


Usage : netport [options..]

-f
Dump a full listing for all processes
-P < pid >
Dump information for process ID pid
-m
Dump module information
-H
Dump handle information
-t
Dump thread information
-p
Show a process' parent PID
-md5 < file >
Show a process' calculated MD5 hash
-sp < file >
Sort results by PID
-spp
Sort results by oparent PID
-sn < file >
Sort results by process name
-ox < file >
Dump results in XML format
-oh < file >
Dump results in HTML format
-?/-h
Displays this message

Arguments supplied to netps are case sensitive.

Download netps ( 241 KB)

Examples

To obtain a complete listing of all processes, type


netps -f

To generate an md5 hash for each running process.


netps -md5

This retrieves process information for a process with PID 195


netps -P 195


Operating Systems supported:

netport has been tested on Windows NT 4.0 Server, Windows NT 4.0 workstation, Windows 2000, Windows XP and Windows 2003.

netps is included in a command-line toolkit named NSTools from Net-Square, that aid in the administration and audit of remote Windows NT/2K/XP/2003 systems.