https://github.com/lifka/winprocessshot
Windows process monitoring tool for malware analysis. Inspired by the Regshot tool.
malware-analysis monitoring-tool processes
Last synced: 12 months ago
- Host: GitHub
- URL: https://github.com/lifka/winprocessshot
- Owner: Lifka
- Created: 2024-06-24T23:17:20.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-06-24T23:27:32.000Z (almost 2 years ago)
- Last Synced: 2025-04-28T15:55:16.915Z (12 months ago)
- Topics: malware-analysis, monitoring-tool, processes
- Language: C#
- Homepage:
- Size: 3.36 MB
- Stars: 10
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# WinProcessShot
WinProcessShot is a simple, portable Windows process monitoring tool for malware analysis. It shows the processes that are created and terminated on the system over a period of time and records certain information about them.
## Features
* Monitor created and terminated processes. Three modes of use: monitoring, burst mode, and comparison of two different points in time.
* Create memory dumps of new processes.
* Recover a memory dump from a process that is no longer running.
* Recover a sample that was captured running in the system and no longer exists.
* Verify whether a process has a valid signature or whether its hash is registered.
* Filter processes.
* Export results in JSON format.
## Copyright
© 2024 Copyright: [javierizquierdovera.com](https://javierizquierdovera.com/).
This program is free software; you can redistribute it and/or modify it under the terms of [GPLv2](https://www.gnu.org/licenses/old-licenses/gpl-2.0.html).