Check for suspicious processes on macOS
The app shows all running processes that are not signed by Apple as a tree. Plus it shows Apple signed running processes like shells, script languages and so on that may be used for malicious activity.
$ make
$ [sudo] make installor
$ brew tap x13a/tap
$ brew install x13a/tap/pschkUSAGE: pschk [--version] [--args] [--env] [-a]
OPTIONS:
--version Print version and exit
--args Show arguments for all
--env Show environment vars
-a Show all processes, ignore default filter
-h, --help Show help information.
~
❯ [sudo] pschk
[74437] [user] /Applications/Firefox.app/Contents/MacOS/firefox
[78984] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
[74448] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
[74552] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
[74449] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
[87122] [user] /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
[74015] [user] /Applications/Fork.app/Contents/MacOS/Fork
...