GitHub

open source process monitor

Use the procmon gui. (build and run procmon_gui.exe) Use the sdk in you project(build and link sdk) Hack the driver to implement your own EDR or something. You don't ...
GitHub

ProcMon - Linux Kernel Module for Process Monitoring

A comprehensive system call interception and process monitoring framework implemented as a loadable kernel module for Linux. Events are stored in a kernel-space ring buffer accessible via the proc ...