For those that read my in-depth coverage on low-level process hunting or any of my blogposts on TrueTree, you know that I’m a stickler for process hunting on macOS. For this reason, I have about a million and one different ways in which I like to monitor process activity on macOS. Perhaps my favorite tool used to track processes in a hurry is Objective-See’s ProcessMonitor. Honestly, an underrated little tool that uses the Apple Endpoint Security Framework to record executed processes and return the details in a nicely formatted json string. This json output can then easily be displayed in other tools, and yet it doesn’t seem that anyone has taken the time to write any. Until now!

Being able to view process data in raw text is great, but it certainly isn’t easy on the eyes. I often find myself pinpointing a process of interest, and then using cmd+f in a text editor in order to find a previous event that it caused, find its parent, or find its children. You get pretty good at it after a lot of practice, but it still isn’t overly practical when doing a long session of reversing or research.
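
The cmd+f workflow described above (pick a process, then find its parent and its children) can be scripted over saved output. This is an added example, not code from the original post or from ProcessMonitor; it assumes one JSON record per line, and the field names `process.pid`, `process.ppid` and `process.path` as well as the sample records are assumptions constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample records (field names are assumptions, see lead-in).
# pid 430 execs twice (exec keeps the pid); the last line is truncated.
SAMPLE = """\
{"event": "exec", "process": {"pid": 412, "ppid": 1, "path": "/Applications/Example.app/Contents/MacOS/Example"}}
{"event": "exec", "process": {"pid": 430, "ppid": 412, "path": "/bin/sh"}}
{"event": "exec", "process": {"pid": 431, "ppid": 430, "path": "/usr/bin/curl"}}
{"event": "exec", "process": {"pid": 430, "ppid": 412, "path": "/usr/bin/osascript"}}
{"event": "exec", "process": {"pid":
"""

def build_index(lines):
    """Return (execs, children): (ppid, path) records per pid, child pids per ppid."""
    execs, children = defaultdict(list), defaultdict(list)
    for line in lines:
        try:
            proc = json.loads(line)["process"]
            pid, ppid, path = int(proc["pid"]), int(proc["ppid"]), proc["path"]
        except (ValueError, KeyError, TypeError):
            continue  # blank, truncated, or non-process line
        execs[pid].append((ppid, path))
        if pid not in children[ppid]:
            children[ppid].append(pid)
    return execs, children

def ancestry(execs, pid):
    """Walk ppid links upward; returns [(pid, most recent path), ...]."""
    chain, seen = [], set()
    while pid in execs and pid not in seen:  # 'seen' guards against pid loops
        seen.add(pid)
        ppid, path = execs[pid][-1]
        chain.append((pid, path))
        pid = ppid
    return chain

def descendants(children, pid):
    """All recorded pids below pid, depth first."""
    out, seen, stack = [], {pid}, list(reversed(children.get(pid, [])))
    while stack:
        child = stack.pop()
        if child not in seen:
            seen.add(child)
            out.append(child)
            stack.extend(reversed(children.get(child, [])))
    return out

if __name__ == "__main__":
    execs, children = build_index(SAMPLE.splitlines())
    print(ancestry(execs, 431), descendants(children, 412))
```

Because pids are reused over a long capture, the parent links are only as reliable as the window of events that was indexed.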