System Monitor (Sysmon)

System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to file creation time. By collecting the events it generates using Windows Event Collection or SIEM agents and subsequently analyzing them, you can identify malicious or anomalous activity and understand how intruders and malware operate on your network.


title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Sysmon includes the following capabilities:

  • Logs process creation with full command line for both current and parent processes.
  • Records the hash of process image files using SHA1 (the default), MD5, SHA256 or IMPHASH.
  • Multiple hashes can be used at the same time.
  • Includes a process GUID in process create events to allow for correlation of events even when Windows reuses process IDs.
  • Includes a session GUID in each event to allow correlation of events on the same logon session.
  • Logs loading of drivers or DLLs with their signatures and hashes.
  • Logs opens for raw read access of disks and volumes.
  • Optionally logs network connections, including each connection’s source process, IP addresses, port numbers, hostnames and port names.
  • Detects changes in file creation time to understand when a file was really created. Modification of file create timestamps is a technique commonly used by malware to cover its tracks.
  • Automatically reloads configuration if changed in the registry.
  • Rule filtering to include or exclude certain events dynamically.
  • Generates events from early in the boot process to capture activity made by even sophisticated kernel-mode malware.

Usage:

Install: sysmon64 -i [<configfile>]

Update configuration: sysmon64 -c [<configfile>]

Install event manifest: sysmon64 -m

Print schema: sysmon64 -s

Uninstall: sysmon64 -u [force]

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Strong security (AES encryption, SHA-256 hash, protection against dictionary and guessing attacks, in-memory protection, ...)
  • Portable (no installation required), available for many platforms (Windows, Linux, Mac OS X, smart devices/phones, ...).
  • Efficient and flexible organization (entry groups, tags, time fields, file attachments, ...).
  • Various data transfer methods (clipboard, drag and drop, auto-type, plugins can provide integration with other applications, ...).
  • Powerful password generator (generation based on character sets and patterns, with many options).
  • Extensible (plugin architecture) and multi-language (more than 40 languages are available).

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Filesystems supported: ext2, ext3, ext4, reiserfs, xfs, jfs of GNU/Linux, FAT, NTFS of MS Windows, HFS+ of Mac OS, UFS of BSD, minix of Minix and VMFS of VMware ESX. Therefore you can clone GNU/Linux, MS Windows and Intel-based Mac OS, whether the OS is 32-bit (x86) or 64-bit (x86-64). For these file systems, only used blocks in the partition are saved and restored. For unsupported file systems, a sector-to-sector copy is done by dd in Clonezilla.
  • LVM2 (LVM version 1 is not) under GNU/Linux is supported.
  • Multicast is supported in Clonezilla SE, which is suitable for massive clone.
  • Based on partclone to clone partitions. However, Clonezilla, which contains some other programs, can save and restore not only partitions but also a whole disk.

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • FTP client and server
  • Supports FTP, FTPS and SFTP
  • Built-in file management
  • Advanced file settings
  • Reduces timeout errors
  • Multi-language support

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Download and use for free
  • Synchronize folders on network shares and local drives
  • Synchronize mobile devices via MTP (Android, iPhone, tablet, digital camera)
  • Synchronize with Google Drive cloud storage
  • Free FTP client: Synchronize via FTP (File Transfer Protocol) and FTPS (SSL/TLS)
  • Access files online using SFTP (SSH File Transfer Protocol)
  • Detect moved and renamed files and folders
  • Get sync results as an email notification
  • Manage versions and keep a history of deleted/updated files
  • Compare and synchronize multiple files in parallel
  • Show drive space usage as a directory tree
  • Copy locked files (Volume Shadow Copy Service)
  • Detect conflicts and propagate deletions
  • Compare files by content
  • Configure handling of Symbolic Links
  • Automate sync as a batch job
  • Process multiple folder pairs
  • Comprehensive and detailed error reporting
  • Copy NTFS extended attributes (compressed, encrypted, sparse), NTFS security permissions, NTFS Alternate Data Streams
  • Copy HFS+ extended attributes and ACLs
  • Support long file paths with more than 260 characters
  • Fail-safe file copy prevents data corruption
  • Cross-platform: Runs on Windows, Linux, macOS
  • Use macros %time%, %date%, et al. for recurring backups
  • Expand environment variables like %UserProfile%
  • Access variable drive letters by volume name (USB sticks)
  • Native 64-bit support
  • Prevent disc space bottlenecks via optimal sync sequence
  • Full Unicode support
  • Highly optimised run time performance
  • Include and exclude files via filter
  • FreeFileSync portable and local installation available
  • Handle daylight saving time changes on FAT/FAT32
  • Case-sensitive synchronization
  • Serialize multiple users accessing the same (network) folder via folder locking
  • Fully localised user interface available in 30+ languages

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Import/Export hosts list from/to a text file
  • Domain Name System support to resolve Hostname or IP address
  • Simultaneous PINGs to multiple hosts. (Limited only by CPU memory)
  • Configurable PING (ICMP) protocol (Packet size, Polling interval, Timeout)
  • Session save and restore
  • Export host statistics
  • Detailed PING graphs (Hourly, Daily, Weekly, Monthly, Annual)
  • Configurable Round Robin Database size (24 hours, 30 days, 6 months, 1 year, 3 years)
  • Configurable graph properties (color, type)
  • Dashboard view to observe and compare graphs
  • Polling wait bar
  • Self extracts - No installation required

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

 

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Strong security (AES encryption, SHA-256 hash, protection against dictionary and guessing attacks, in-memory protection, ...).
  • Portable (no installation required), available for many platforms (Windows, Linux, Mac OS X, smart devices/phones, ...).
  • Efficient and flexible organization (entry groups, tags, time fields, file attachments, ...).
  • Various data transfer methods (clipboard, drag and drop, auto-type, plugins can provide integration with other applications, ...).
  • Powerful password generator (generation based on character sets and patterns, with many options).
  • Extensible (plugin architecture) and multi-language (more than 40 languages are available).

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License:

Features:

  • Flexible
  • Powerful
  • Portable
  • Easy
  • Free

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Traceroute
  • Packet sniffer
  • Whois
  • 3D and 2D Map visualisation
  • Export data to image or text
  • Gantt view

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Features:

  • Hierarchical view of processes.
  • Ability to display an icon and company name next to each process.
  • Live CPU activity graph in the task bar.
  • Ability to suspend selected process.
  • Ability to raise the window attached to a process, thus "unhiding" it.
  • Complete process tree can be killed.
  • Interactively alter a service process's access security
  • Interactively set the priority of a process
  • Disambiguates service executables which perform multiple service functions. For example, when the pointer is placed over a svchost.exe, it will tell if it is the one performing automatic updates/secondary logon/etc., or the one providing RPC, or the one performing terminal services, and so on.
  • There is an option (in a process's context menu) to verify a process in VirusTotal
  • There is an option to display DLLs loaded by a process (View => Lower Pane View => DLLs); the option Show Lower Pane has to be switched on
  • There is an option to display a process's handles, which include named mutants, events, sockets, files, registry keys etc. (View => Lower Pane View => Handles); the option Show Lower Pane has to be switched on
  • In the properties of a process a user can view the process's threads and the threads' stack traces
  • There is a command to create a process dump (mini or full) (Process => Create Dump)
  • There is a Find command which allows for searching a handle or DLL, which can be used to identify the process(es) holding a file lock.
  • There is an option (in handle context menu) to close a selected handle

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freemium

Features:

  • Adjust the level of detail of the information that is shown in the tree map using a slider.
  • Customise whether or not files and file types are shown in the tree map
  • Modify the colours of the treemap chart to fit your preferences.
  • Choose between a flat 2D view and a 3D view that shows the tiles like a cushion.
  • The TreeSize treemap chart supports Drag&Drop operations.

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Features:

  • More data captured for operation input and output parameters
  • Non-destructive filters allow you to set filters without losing data
  • Capture of thread stacks for each operation makes it possible in many cases to identify the root cause of an operation
  • Reliable capture of process details, including image path, command line, user and session ID
  • Configurable and moveable columns for any event property
  • Filters can be set for any data field, including fields not configured as columns
  • Advanced logging architecture scales to tens of millions of captured events and gigabytes of log data
  • Process tree tool shows relationship of all processes referenced in a trace
  • Native log format preserves all data for loading in a different Process Monitor instance
  • Process tooltip for easy viewing of process image information
  • Detail tooltip allows convenient access to formatted data that doesn't fit in the column
  • Cancellable search
  • Boot time logging of all operations

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: MIT License

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv3

Features:

  • Graphical user interface
  • Translated into several languages
  • Integration with Windows (Drag and drop, URL, shortcut icons)
  • All common operations with files
  • Support for SFTP and SCP protocols over SSH-1 and SSH-2, FTP protocol, WebDAV protocol and Amazon S3 protocol
  • Batch file scripting, command-line interface and .NET wrapper
  • Directory synchronization in several semi or fully automatic ways
  • Integrated text editor
  • Support for SSH password, keyboard-interactive, public key and Kerberos (GSS) authentication
  • Integrates with Pageant (PuTTY authentication agent) for full support of public key authentication with SSH
  • Choice of Windows File Explorer-like or Norton Commander-like interfaces
  • Optionally stores session information
  • Optionally import session information from PuTTY sessions in the registry
  • Able to upload files and retain associated original date/timestamps, unlike FTP clients

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: GPLv2

Features:

  • Data can be captured "from the wire" from a live network connection or read from a file of already-captured packets.
  • Live data can be read from different types of networks, including Ethernet, IEEE 802.11, PPP, and loopback.
  • Captured network data can be browsed via a GUI, or via the terminal (command line) version of the utility, TShark.
  • Captured files can be programmatically edited or converted via command-line switches to the "editcap" program.
  • Data display can be refined using a display filter.
  • Plug-ins can be created for dissecting new protocols.
  • VoIP calls in the captured traffic can be detected. If encoded in a compatible encoding, the media flow can even be played.
  • Raw USB traffic can be captured.
  • Wireless connections can also be filtered as long as they traverse the monitored Ethernet.
  • Various settings, timers, and filters can be set to provide the facility of filtering the output of the captured traffic.

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License: Freeware

Features:

  • Finds the files and folders using the most space on your hard drive
  • Works VERY Fast! We think it's the fastest application of this type in the world
  • Finds the top 1000 largest files on your hard drive
  • Sort the contents of your entire hard drive by folder size and optionally delete files and folders

title

  • PLATFORM:
  • WINDOWS
  • LINUX
  • MAC

License:

Graphical Nmap frontend and results viewer