progmboy / openprocmon Goto Github PK
View Code? Open in Web Editor NEWopen source process monitor
License: MIT License
openprocmon's People
Contributors
Stargazers
Watchers
Forkers
explife0011 l4ys fcccode mingyueruya dantee296 fengjixuchui neveroldmilk crackercat jilvan1234 rocker9527 imaro unuaunco ryanbekabe 5433d-r32433 truenix dymok93 sabason wook8170 csgo-5e marcosd4h newonejoe kooh512 rakendrathapa anti-ghosts asdlei99 getsync jackypeng66 zhongxuans tzulea fulan0dental wumn290 mcgrue gmh5225 jiangyuchun cydiakk skyn9ne marchorse windowskernel misccodeorg useful-stuff nasingfaund sysfce2 jonasmartin bianchengnan osok trance2nite elmelik beeefire noostudent smileofjoyce quantww cohortminseok haidragon dbgyfw surager xxmmy crushonme zzz9328fb tobynck songbei6 lat0ur zzhsec 276585877 peter-zheng-sp jslc2008 secure-codenator plioy-mwb cr4zyrain alan0526 tokeii0 vsharma13openprocmon's Issues
Compiled lib throws LNK2019 error
Hi!
Trying to use precompiled sdk library, but each time it throws error on using of Drvload.Init(TEXT("PROCMON24"), TEXT("procmon.sys"))
Errors are:
[build] test.obj : error LNK2019: unresolved external symbol "int __cdecl LogMessage(enum LEVEL,char const *,...)" (?LogMessage@@YAHW4LEVEL@@PEBDZZ) referenced in function "public: virtual int __cdecl CMyEvent::DoEvent(class CRefPtr<class CEventView>)" (?DoEvent@CMyEvent@@UEAAHV?$CRefPtr@VCEventView@@@@@Z) [D:\code\testsdk\build\apps\agent.vcxproj]
[build] Hint on symbols that are defined and could potentially match:
[build] "int __cdecl LogMessage(enum LEVEL,wchar_t const *,...)" (?LogMessage@@YAHW4LEVEL@@PEB_WZZ)
[build] test.obj : error LNK2019: unresolved external symbol "public: class ATL::CStringT<char,class ATL::StrTraitATL<char,class ATL::ChTraitsCRT<char> > > __cdecl CEventView::GetPath(void)" (?GetPath@CEventView@@QEAA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@XZ) referenced in function "public: virtual int __cdecl CMyEvent::DoEvent(class CRefPtr<class CEventView>)" (?DoEvent@CMyEvent@@UEAAHV?$CRefPtr@VCEventView@@@@@Z) [D:\code\testsdk\build\apps\agent.vcxproj]
[build] test.obj : error LNK2019: unresolved external symbol "public: class ATL::CStringT<char,class ATL::StrTraitATL<char,class ATL::ChTraitsCRT<char> > > __cdecl CEventView::GetProcessName(void)" (?GetProcessName@CEventView@@QEAA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@XZ) referenced in function "public: virtual int __cdecl CMyEvent::DoEvent(class CRefPtr<class CEventView>)" (?DoEvent@CMyEvent@@UEAAHV?$CRefPtr@VCEventView@@@@@Z) [D:\code\testsdk\build\apps\agent.vcxproj]
[build] D:\code\testsdk\build\apps\Release\test.exe : fatal error LNK1120: 4 unresolved externals [D:\code\testsdk\build\apps\agent.vcxproj]
[build] Build finished with exit code 1
Code I'm trying to build:
...
#include <libprocmon/sdk.hpp>
#include <atlstr.h>
#include <atltime.h>
int main(int argc, char *argv[])
{
CEventMgr &Optmgr = Singleton<CEventMgr>::getInstance();
CMonitorContoller &Monitormgr = Singleton<CMonitorContoller>::getInstance();
CDrvLoader &Drvload = Singleton<CDrvLoader>::getInstance();
//error is on this step
if (!Drvload.Init(TEXT("PROCMON24"), TEXT("procmon.sys")))
{
return -1;
}
Optmgr.RegisterCallback(new CMyEvent);
...
}
CMakeLists looks like this:
add_executable(test test.cpp)
# libprocmon link
set(PROCMON_INCLUDE_DIR ${HoneyCornAgent_SOURCE_DIR}/include/libprocmon/)
set(PROCMON_LIBRARY ${HoneyCornAgent_SOURCE_DIR}/src/libprocmon/libprocmon.lib )
include_directories(${PROCMON_INCLUDE_DIR})
include_directories(${HoneyCornAgent_SOURCE_DIR}/src/libprocmon)
include_directories(${HoneyCornAgent_SOURCE_DIR}/lib/procmonsdk/)
include_directories(${HoneyCornAgent_SOURCE_DIR}/lib/procmonsdk/kernel)
include_directories(${HoneyCornAgent_SOURCE_DIR}/lib/procmonsdk/WTL10_10320/Include)
link_directories(${HoneyCornAgent_SOURCE_DIR}/lib/procmonsdk/)
link_directories(${HoneyCornAgent_SOURCE_DIR}/lib/procmonsdk/kernel)
link_directories(${HoneyCornAgent_SOURCE_DIR}/lib/procmonsdk/WTL10_10320/Include)
link_directories(${HoneyCornAgent_SOURCE_DIR}/src/libprocmon)
link_directories({PROCMON_INCLUDE_DIR})
add_library(libprocmon STATIC IMPORTED)
set_target_properties(libprocmon PROPERTIES
IMPORTED_LOCATION ${PROCMON_LIBRARY}
INTERFACE_INCLUDE_DIRECTORIES ${PROCMON_INCLUDE_DIR}
)
target_link_libraries(agent PRIVATE wsock32 ws2_32 atls crypt32 normaliz wldap32 kernel32 user32 gdi32 winspool comdlg32 advapi32 shell32 ole32 oleaut32 uuid odbc32 odbccp32 libprocmon)
Library was build using visualstudio as per instruction. The code I'm trying to use based on testsdk.cpp
Am I missing something or it's library building issue?
Registry Path
Hello,
Can you please help me to get the registry key path same like file path in CString CFileEvent::GetPath()
I am not sure what structure to be use in case of registry.
Thanks in advance!
-Mak
Network Activity.
Hi,
Is it possible to show the network activity using SDK?
-Mak
More than one include filter.
Hi,
I want to add more then two include filter but when I add it no data logged. Please see below filters.
m_Filter.AddFilter(emProcessName, emCMPIs, emRETInclude, TEXT("notepad.exe"));
m_Filter.AddFilter(emProcessName, emCMPIs, emRETInclude, TEXT("WinMergeU.exe"));
I want to use both filters, can you please help to to fix this issue?
Thanks,
-Mak
How to get child PID
Hi,
Can you please guild me how can I get the child PID when on process create?
-Mak
Win32 bit build error LNK2001
Hi,
Getting following error with x86 (32bit) build configuration.
2>procmonsdk.lib(drvload.obj) : error LNK2001: unresolved external symbol __imp__NtUnloadDriver
2>procmonsdk.lib(drvload.obj) : error LNK2001: unresolved external symbol __imp__NtLoadDriver
Thanks & Regards,
- Mak
procmon for windows server 2008 re
Hi,
Openprocmon is not working on Windows server 2008 re, failed to load procmon driver.
Old Procmon.exe v3.33 is working fine on Win server 2008 but procmonXX.sys is not found in drivers folder.
Do you know which procmon.sys version works with Win server 2008 and where I can get the SYS file?
Thanks & Regards,
-Mak
注册表行为失效
Add signature mitigation check
请问能否发下成品
1、请问能否发下成品;
2、请问驱动部分是否逆向的procmon代码得到的,我看功能架构类似
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.