2022-10-23
filewatcher: a simple auditing and monitoring utility for macOS
filewatcher
a simple auditing utility for macOS
Filewatcher is an auditing and monitoring utility for macOS.
It can audit all events from the macOS system auditpipe and filter them by process or by file. You can use this utility to:
- Monitor access to a file, or a group of files.
- Monitor activity of a process, and which resources are accessed by that process.
- Build a small Host-Based IDS by monitoring access or modifications to specific files.
- Do dynamic malware analysis by monitoring what the malware is using on the filesystem.
If you want to read more about how it works, check my blog.
Installation
Just run make to compile it and then ./bin/filewatcher.
Usage: ./bin/filewatcher [OPTIONS]
  -f, --file     Set a file to filter
  -p, --process  Set a process name to filter
  -a, --all      Display all events (By default only basic events like open/read/write are displayed)
  -d, --debug    Enable debugging messages to be saved into a file
  -h, --help     Print this help and exit
Expected output: