microsoft/ProcMon-for-Linux external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

microsoft/ProcMon-for-Linux

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/microsoft/ProcMon-for-Linux)

Close

microsoft / ProcMon-for-LinuxView on GitHubMore

• External links
• Readme badge

A Linux version of the Procmon Sysinternals tool

☆4,700May 7, 2026Updated last month

Alternatives and similar repositories for ProcMon-for-Linux

Users that are interested in ProcMon-for-Linux are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• microsoft / ProcDump-for-Linux

  View on GitHub
  A Linux version of the ProcDump Sysinternals tool
  ☆3,074Jun 16, 2026Updated last week
• microsoft / SysmonForLinux

  View on GitHub
  Sysmon for Linux
  ☆2,120Updated this week
• microsoft / SysinternalsEBPF

  View on GitHub
  The Linux port of the Sysinternals Sysmon tool.
  ☆284May 7, 2026Updated last month
• rizinorg / cutter

  View on GitHub
  Free and Open Source Reverse Engineering Platform powered by rizin
  ☆19,129Updated this week
• winsiderss / systeminformer

  View on GitHub
  A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsid…
  ☆15,190Updated this week
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• taviso / loadlibrary

  View on GitHub
  Porting Windows Dynamic Link Libraries to Linux
  ☆4,494Apr 10, 2025Updated last year
• microsoft / ebpf-for-windows

  View on GitHub
  eBPF implementation that runs on top of Windows
  ☆3,507Jun 20, 2026Updated last week
• zodiacon / ProcMonXv2

  View on GitHub
  Process Monitor X v2
  ☆657Jan 22, 2024Updated 2 years ago
• blackberry / pe_tree

  View on GitHub
  Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall …
  ☆1,341Jul 9, 2022Updated 3 years ago
• WerWolv / ImHex

  View on GitHub
  🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
  ☆53,983Updated this week
• mandiant / capa

  View on GitHub
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆6,076Updated this week
• qilingframework / qiling

  View on GitHub
  A True Instrumentable Binary Emulation Framework
  ☆5,983Apr 28, 2026Updated 2 months ago
• NationalSecurityAgency / ghidra

  View on GitHub
  Ghidra is a software reverse engineering (SRE) framework
  ☆70,028Jun 22, 2026Updated last week
• google / tsunami-security-scanner

  View on GitHub
  Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…
  ☆8,588Updated this week
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• zodiacon / SystemExplorer

  View on GitHub
  Windows System Explorer
  ☆890Nov 29, 2025Updated 7 months ago
• gcla / termshark

  View on GitHub
  A terminal UI for tshark, inspired by Wireshark
  ☆9,910Apr 30, 2024Updated 2 years ago
• microsoft / Detours

  View on GitHub
  Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
  ☆6,303Updated this week
• hasherezade / pe-sieve

  View on GitHub
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,706Jun 6, 2026Updated 3 weeks ago
• VirusTotal / yara

  View on GitHub
  The pattern matching swiss knife
  ☆9,697Jun 19, 2026Updated last week
• radareorg / radare2

  View on GitHub
  UNIX-like reverse engineering framework and command-line toolset
  ☆24,200Updated this week
• joxeankoret / diaphora

  View on GitHub
  Diaphora, the most advanced Free and Open Source program diffing tool.
  ☆4,309Jun 16, 2026Updated last week
• iovisor / bcc

  View on GitHub
  BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
  ☆22,469Jun 19, 2026Updated last week
• mandiant / speakeasy

  View on GitHub
  Windows kernel and user mode emulation.
  ☆1,994Jun 19, 2026Updated last week
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• hfiref0x / WinObjEx64

  View on GitHub
  Windows Object Explorer 64-bit
  ☆1,942Jun 19, 2026Updated last week
• HyperDbg / HyperDbg

  View on GitHub
  State-of-the-art native debugging tools
  ☆3,898Updated this week
• solemnwarning / rehex

  View on GitHub
  Reverse Engineers' Hex Editor
  ☆2,468Jun 18, 2026Updated last week
• hasherezade / hollows_hunter

  View on GitHub
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,372Jun 6, 2026Updated 3 weeks ago
• rabbitstack / fibratus

  View on GitHub
  Adversary tradecraft detection, protection, and hunting
  ☆2,495Updated this week
• hasherezade / tiny_tracer

  View on GitHub
  A Pin Tool for tracing API calls etc
  ☆1,667Jun 2, 2026Updated 3 weeks ago
• wader / fq

  View on GitHub
  jq for binary formats - tool, language and decoders for working with binary and text formats
  ☆10,528Jun 16, 2026Updated last week
• lief-project / LIEF

  View on GitHub
  LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
  ☆5,461Jun 20, 2026Updated last week
• avast / retdec

  View on GitHub
  RetDec is a retargetable machine-code decompiler based on LLVM.
  ☆8,565May 26, 2026Updated last month
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,059Sep 24, 2023Updated 2 years ago
• googleprojectzero / sandbox-attacksurface-analysis-tools

  View on GitHub
  Set of tools to analyze Windows sandboxes for exposed attack surface.
  ☆2,303Nov 6, 2025Updated 7 months ago
• bpftrace / bpftrace

  View on GitHub
  High-level tracing language for Linux
  ☆10,181Updated this week
• x64dbg / x64dbg

  View on GitHub
  An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
  ☆48,726Updated this week
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,650Apr 4, 2026Updated 2 months ago
• microsoft / AttackSurfaceAnalyzer

  View on GitHub
  Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
  ☆2,939Jun 9, 2026Updated 2 weeks ago
• microsoft / WSL2-Linux-Kernel

  View on GitHub
  The source for the Linux kernel used in Windows Subsystem for Linux 2 (WSL2)
  ☆10,474Jun 19, 2026Updated last week