# dominicbreuker/pspy **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/dominicbreuker-pspy).** 5,880 stars · 562 forks · Go · gpl-3.0 ## Links - GitHub: https://github.com/DominicBreuker/pspy - awesome-repositories: https://awesome-repositories.com/repository/dominicbreuker-pspy.md ## Topics `ctf` `enumeration` `golang` `pentesting` `privesc` `security` ## Tags ### System Administration & Monitoring - [Linux](https://awesome-repositories.com/f/system-administration-monitoring/process-monitors/linux.md) — Watches Linux processes in real time to see commands executed by all users, including short-lived processes and cron jobs, without root access. - [Real Time Process Monitors](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability/real-time-process-monitors.md) — Watches Linux processes as they execute and reports commands run by all users, including cron jobs, without requiring root privileges. ([source](https://github.com/DominicBreuker/pspy/tree/master/.circleci)) - [Procfs-Based Process Monitors](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability/real-time-process-monitors/procfs-based-process-monitors.md) — Watches Linux processes in real time by scanning /proc and using inotify to catch short-lived commands from all users. - [Rootless](https://awesome-repositories.com/f/system-administration-monitoring/process-monitors/rootless.md) — Scans /proc and uses inotify file-system triggers to catch short-lived processes run by any user, including cron jobs. ([source](https://github.com/DominicBreuker/pspy#readme)) ### Development Tools & Productivity - [Procfs Process Snoopers](https://awesome-repositories.com/f/development-tools-productivity/diagramming-tools/process-and-flow-mapping/process-configuration-mappings/network-and-process-enumeration/procfs-process-snoopers.md) — Scans /proc and uses inotify file system events to catch short-lived processes executed by any user on a Linux system. ([source](https://github.com/DominicBreuker/pspy/blob/master/README.md)) - [Inotify](https://awesome-repositories.com/f/development-tools-productivity/process-watchers/inotify.md) — Uses inotify file system events to trigger process scans when directories are accessed, capturing ephemeral commands. ### DevOps & Infrastructure - [Cron Job Monitoring](https://awesome-repositories.com/f/devops-infrastructure/scheduling/cron-job-monitoring.md) — Captures commands from scheduled cron jobs by monitoring file system activity and scanning for new processes. ### Operating Systems & Systems Programming - [Procfs Extractions](https://awesome-repositories.com/f/operating-systems-systems-programming/procfs-extractions.md) — Scans the /proc filesystem to detect and report processes as they execute, including those from cron jobs. - [Rootless Process Observers](https://awesome-repositories.com/f/operating-systems-systems-programming/root-privilege-abstractions/no-root-privilege-escalations/rootless-process-observers.md) — Observes all user processes on a Linux system without requiring root privileges, using only /proc and inotify. - [Directory Watchers](https://awesome-repositories.com/f/operating-systems-systems-programming/system-administration-maintenance/file-system-management/file-systems/directory-operations/directory-watchers.md) — Places inotify watchers recursively on specified directories to trigger process scans upon file access events. - [Inotify-Based Watchers](https://awesome-repositories.com/f/operating-systems-systems-programming/system-administration-maintenance/file-system-management/file-systems/directory-operations/directory-watchers/inotify-based-watchers.md) — Uses inotify file system events to trigger process scans, enabling detection of short-lived commands without root access. ([source](https://github.com/DominicBreuker/pspy/blob/master/README.md)) ### User Interface & Experience - [Procfs Polling Monitors](https://awesome-repositories.com/f/user-interface-experience/form-and-input-management/interaction-and-event-handling/event-handling-architectures/event-handling-systems/event-queue-polling/kernel-event-polling/procfs-polling-monitors.md) — Polls /proc periodically and uses inotify file system events to detect short-lived processes without root privileges.