Process Monitor Library (based on Apple's new Endpoint Security Framework)
It captures process start, fork, and exit events, providing:
- pid
- path
- ancestory
- arguments
- environment variables
- code-signing information
Read More:
For more details read: "Writing a Process Monitor with Apple's Endpoint Security Framework".
To Support:
❤ Love this product or want to support it? Please check out my patreon page :)
Mahalo!
This product is supported by the following "Friends of Objective-See":
🥇CleanMyMac X
🥈Malwarebytes / Airo AV
🥉SmugMug / Guardian Mobile Firewall / SecureMac / Sophos / SentinelOne / Digital Guardian / Trail of Bits / CyberArk / Halo Privacy