File Monitor Library (based on Apple's new Endpoint Security Framework)
It captures file events (create, open, write, etc) providing path(s) as well as information about the responsible process including:
- pid
- path
- ancestory
- arguments
- code-signing information
Read More:
For more details read: "Writing a File Monitor with Apple's Endpoint Security Framework".
To Support:
❤ Love this product or want to support it? Please check out my patreon page :)
Mahalo!
This product is supported by the following "Friends of Objective-See":
🥇CleanMyMac X
🥈Malwarebytes / Airo AV
🥉SmugMug / Guardian Mobile Firewall / SecureMac / Sophos / SentinelOne / Digital Guardian / Trail of Bits / CyberArk / Halo Privacy