Process Monitor

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.


title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Features:

  • More data captured for operation input and output parameters
  • Non-destructive filters allow you to set filters without losing data
  • Capture of thread stacks for each operation makes it possible in many cases to identify the root cause of an operation
  • Reliable capture of process details, including image path, command line, user and session ID
  • Configurable and moveable columns for any event property
  • Filters can be set for any data field, including fields not configured as columns
  • Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
  • Process tree tool shows relationship of all processes referenced in a trace
  • Native log format preserves all data for loading in a different Process Monitor instance
  • Process tooltip for easy viewing of process image information
  • Detail tooltip allows convenient access to formatted data that doesn't fit in the column
  • Cancellable search
  • Boot time logging of all operations

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Strong security (AES encryption, SHA-256 hash, protection against dictionary and guessing attacks, in-memory protection, ...)
  • Portable (no installation required), available for many platforms (Windows, Linux, Mac OS X, smart devices/phones, ...).
  • Efficient and flexible organization (entry groups, tags, time fields, file attachments, ...).
  • Various data transfer methods (clipboard, drag and drop, auto-type, plugins can provide integration with other applications, ...).
  • Powerful password generator (generation based on character sets and patterns, with many options).
  • Extensible (plugin architecture) and multi-language (more than 40 languages are available).

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Filesystems supported: ext2, ext3, ext4, reiserfs, xfs, jfs of GNU/Linux, FAT, NTFS of MS Windows, HFS+ of Mac OS, UFS of BSD, minix of Minix and VMFS of VMware ESX. Therefore you can clone GNU/Linux, MS Windows and Intel-based Mac OS, whether it is a 32-bit (x86) or 64-bit (x86-64) OS. For these file systems, only used blocks in the partition are saved and restored. For unsupported file systems, a sector-to-sector copy is done by dd in Clonezilla.
  • LVM2 under GNU/Linux is supported (LVM version 1 is not).
  • Multicast is supported in Clonezilla SE, which is suitable for massive cloning.
  • Partition cloning is based on Partclone. However, Clonezilla, which contains some other programs, can save and restore not only partitions but also a whole disk.

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • FTP client and server
  • Supports FTP, FTPS and SFTP
  • Built-in file management
  • Advanced file settings
  • Reduces timeout errors
  • Multi-language support

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Download and use for free
  • Synchronize folders on network shares and local drives
  • Synchronize mobile devices via MTP (Android, iPhone, tablet, digital camera)
  • Synchronize with Google Drive cloud storage
  • Free FTP client: Synchronize via FTP (File Transfer Protocol) and FTPS (SSL/TLS)
  • Access files online using SFTP (SSH File Transfer Protocol)
  • Detect moved and renamed files and folders
  • Get sync results as an email notification
  • Manage versions and keep a history of deleted/updated files
  • Compare and synchronize multiple files in parallel
  • Show drive space usage as a directory tree
  • Copy locked files (Volume Shadow Copy Service)
  • Detect conflicts and propagate deletions
  • Compare files by content
  • Configure handling of Symbolic Links
  • Automate sync as a batch job
  • Process multiple folder pairs
  • Comprehensive and detailed error reporting
  • Copy NTFS extended attributes (compressed, encrypted, sparse), NTFS security permissions, NTFS Alternate Data Streams
  • Copy HFS+ extended attributes and ACLs
  • Support long file paths with more than 260 characters
  • Fail-safe file copy prevents data corruption
  • Cross-platform: Runs on Windows, Linux, macOS
  • Use macros %time%, %date%, et al. for recurring backups
  • Expand environment variables like %UserProfile%
  • Access variable drive letters by volume name (USB sticks)
  • Native 64-bit support
  • Prevent disc space bottlenecks via optimal sync sequence
  • Full Unicode support
  • Highly optimised run time performance
  • Include and exclude files via filter
  • FreeFileSync portable and local installation available
  • Handle daylight saving time changes on FAT/FAT32
  • Case-sensitive synchronization
  • Serialize multiple users accessing the same (network) folder via folder locking
  • Fully localised user interface available in 30+ languages

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Import/Export hosts list from/to a text file
  • Domain Name System support to resolve Hostname or IP address
  • Simultaneous PINGs to multiple hosts. (Limited only by CPU memory)
  • Configurable PING (ICMP) protocol (Packet size, Polling interval, Timeout)
  • Session save and restore
  • Export host statistics
  • Detailed PING graphs (Hourly, Daily, Weekly, Monthly, Annual)
  • Configurable Round Robin Database size (24 hours, 30 days, 6 months, 1 year, 3 years)
  • Configurable graph properties (color, type)
  • Dashboard view to observe and compare graphs
  • Polling wait bar
  • Self extracts - No installation required

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Sysmon includes the following capabilities:

  • Logs process creation with full command line for both current and parent processes.
  • Records the hash of process image files using SHA1 (the default), MD5, SHA256 or IMPHASH.
  • Multiple hashes can be used at the same time.
  • Includes a process GUID in process create events to allow for correlation of events even when Windows reuses process IDs.
  • Includes a session GUID in each event to allow correlation of events on same logon session.
  • Logs loading of drivers or DLLs with their signatures and hashes.
  • Logs opens for raw read access of disks and volumes.
  • Optionally logs network connections, including each connection’s source process, IP addresses, port numbers, hostnames and port names.
  • Detects changes in file creation time to understand when a file was really created. Modification of file create timestamps is a technique commonly used by malware to cover its tracks.
  • Automatically reload configuration if changed in the registry.
  • Rule filtering to include or exclude certain events dynamically.
  • Generates events from early in the boot process to capture activity made by even sophisticated kernel-mode malware.

Usage:

Install: sysmon64 -i []

Update configuration: sysmon64 -c []

Install event manifest: sysmon64 -m

Print schema: sysmon64 -s

Uninstall: sysmon64 -u [force]

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

 

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Strong security (AES encryption, SHA-256 hash, protection against dictionary and guessing attacks, in-memory protection, ...).
  • Portable (no installation required), available for many platforms (Windows, Linux, Mac OS X, smart devices/phones, ...).
  • Efficient and flexible organization (entry groups, tags, time fields, file attachments, ...).
  • Various data transfer methods (clipboard, drag and drop, auto-type, plugins can provide integration with other applications, ...).
  • Powerful password generator (generation based on character sets and patterns, with many options).
  • Extensible (plugin architecture) and multi-language (more than 40 languages are available).

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License:

Features:

  • Flexible
  • Powerful
  • Portable
  • Easy
  • Free

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Traceroute
  • Packet sniffer
  • Whois
  • 3D and 2D Map visualisation
  • Export data to image or text
  • Gantt view

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Features:

  • Hierarchical view of processes.
  • Ability to display an icon and company name next to each process.
  • Live CPU activity graph in the task bar.
  • Ability to suspend selected process.
  • Ability to raise the window attached to a process, thus "unhiding" it.
  • Complete process tree can be killed.
  • Interactively alter a service process's access security
  • Interactively set the priority of a process
  • Disambiguates service executables which perform multiple service functions. For example, when the pointer is placed over a svchost.exe, it will tell if it is the one performing automatic updates/secondary logon/etc., or the one providing RPC, or the one performing terminal services, and so on.
  • There is an option (in a process's context menu) to verify a process in VirusTotal
  • There is an option to display DLLs loaded by a process (View => Lower Pane View => DLLs); the Show Lower Pane option has to be switched on
  • There is an option to display process handles, which include named mutants, events, sockets, files, registry keys etc. (View => Lower Pane View => Handles); the Show Lower Pane option has to be switched on
  • In properties of a process a user can view the process's threads and threads stack traces
  • There is a command to create a process dump (mini or full) (Process => Create Dump)
  • There is a Find command which allows for searching a handle or DLL which can be used to identify the process(es) holding a file lock.
  • There is an option (in handle context menu) to close a selected handle

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freemium

Features:

  • Adjust the level of detail of the information that is shown in the tree map using a slider.
  • Customise whether or not files and file types are shown in the tree map
  • Modify the colours of the treemap chart to fit your preferences.
  • Choose between a flat 2D view and a 3D view that shows the tiles like a cushion.
  • The TreeSize treemap chart supports Drag&Drop operations.

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: MIT License

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Graphical user interface
  • Translated into several languages
  • Integration with Windows (Drag and drop, URL, shortcut icons)
  • All common operations with files
  • Support for SFTP and SCP protocols over SSH-1 and SSH-2, FTP protocol, WebDAV protocol and Amazon S3 protocol
  • Batch file scripting, command-line interface and .NET wrapper
  • Directory synchronization in several semi or fully automatic ways
  • Integrated text editor
  • Support for SSH password, keyboard-interactive, public key and Kerberos (GSS) authentication
  • Integrates with Pageant (PuTTY authentication agent) for full support of public key authentication with SSH
  • Choice of Windows File Explorer-like or Norton Commander-like interfaces
  • Optionally stores session information
  • Optionally import session information from PuTTY sessions in the registry
  • Able to upload files and retain associated original date/timestamps, unlike FTP clients

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv2

Features:

  • Data can be captured "from the wire" from a live network connection or read from a file of already-captured packets.
  • Live data can be read from different types of networks, including Ethernet, IEEE 802.11, PPP, and loopback.
  • Captured network data can be browsed via a GUI, or via the terminal (command line) version of the utility, TShark.
  • Captured files can be programmatically edited or converted via command-line switches to the "editcap" program.
  • Data display can be refined using a display filter.
  • Plug-ins can be created for dissecting new protocols.
  • VoIP calls in the captured traffic can be detected. If encoded in a compatible encoding, the media flow can even be played.
  • Raw USB traffic can be captured.
  • Wireless connections can also be filtered as long as they traverse the monitored Ethernet.
  • Various settings, timers, and filters can be set to provide the facility of filtering the output of the captured traffic.

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Features:

  • Finds the files and folders using the most space on your hard drive
  • Works VERY Fast! We think it's the fastest application of this type in the world
  • Finds the top 1000 largest files on your hard drive
  • Sort the contents of your entire hard drive by folder size and optionally delete files and folders

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License:

Graphical Nmap frontend and results viewer