Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/x13a/pschk

Check for suspicious processes on macOS
https://github.com/x13a/pschk

macos osx security swift

Last synced: 12 months ago
JSON representation

Check for suspicious processes on macOS

Awesome Lists containing this project

README 

          
# pschk



Check for suspicious processes on macOS



The app shows all running processes that are not signed by Apple as a tree.

Plus it shows Apple signed running processes like shells, script languages 

and so on that may be used for malicious activity.



## Installation



```sh

$ make

$ [sudo] make install

```

or

```sh

$ brew tap x13a/tap

$ brew install x13a/tap/pschk

```



## Usage



```text

USAGE: pschk [--version] [--args] [--env] [-a]



OPTIONS:

  --version               Print version and exit

  --args                  Show arguments for all

  --env                   Show environment vars

  -a                      Show all processes, ignore default filter

  -h, --help              Show help information.

```



## Example



```sh

~

❯ [sudo] pschk

[74437] [user] /Applications/Firefox.app/Contents/MacOS/firefox

  [78984] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container

  [74448] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container

  [74552] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container

  [74449] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container

  [87122] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container

[74015] [user] /Applications/Fork.app/Contents/MacOS/Fork

...

```



## License



[![GNU GPLv3 Image](https://www.gnu.org/graphics/gplv3-127x51.png)](https://www.gnu.org/licenses/gpl-3.0.en.html)