procmon

Spartacus DLL/COM Hijacking Toolkit

iMonitor（冰镜 - 终端行为分析系统）

The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能， 而不用关心底层驱动的开发、维护和兼容性问题，让其可以专注于业务开发

open source process monitor

Parser to process monitor file formats

Advanced process execution monitoring utility for linux (procmon like)

Monitoring Registry and File Changes in Windows

Monitor windows kernel event, based on etw, development in rust. A replacement of procmon. more events and useful filter. Typically can check handle leak for a few weeks.

Materials for Diagnostics Expert online course

A command line tool that sends its input data to a running procmon instance.

Procmonel is Procmon like monitoring system implemented using Microsoft WDK

Process Monitor for Debian Linux Distros. Monitor CPU Utilization

Associates netflow data with system processes and logs to syslog

A PML Analyzer.

Repo for the project GuardCode.

See Your Trace Statements in Process Monitor!

The procmon script is used to monitorize commands that were ran or will run on the system, in order to make privilege escalation and lateral movement on a Linux target.

A LSTM (Long Short Term Memory) model + dataset. Utilises the procmon logging system to analyze malware/virus process activity in the form of binary classification [malicious/benign]. Created for my University final project.

Python script to index SysInternals procmon CSV exports into elasticsearch

provides a convenient and efficient solution for capturing and analyzing system activity logs using Procmon and converting them to the pandas compatible Parquet file format (2% of the original pml file size)