ProcMon for Linux

Forensics & Incident Response

A Linux‑based system call tracer that reimagines Windows Procmon for monitoring process activity

Track releases GitHub

C Latest 2.2.1 · 27d ago Security brief →

Features

Traces system calls (syscalls) of selected processes
Supports filtering by PID and specific syscalls
Offers headless mode to collect events into a SQLite database file
Provides a TUI for interactive viewing of trace files

Recent releases

View all 2 releases →

2.2.0 Breaking risk 2mo

Breaking changes

Removed the shell.c source file

Full changelog

Changes:

Update SQLite dependency (#143)
Continue to back away from the LEFT JOIN optimization of check-in [41c27bc0ff1d3135] by disallowing query flattening if the outer query is DISTINCT (#139)
Remove shell.c (#138)

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per week

Mar 25

Apr 1

Apr 8

Apr 15

Apr 22

Apr 29

May 6

May 13

May 20

May 27

Jun 3

Cadence 0.2 / wk

Last release 27d

Tracked 2

Security

Full profile →

Security score 6.8/10

OpenSSF 5.8/10

Open CVEs 0

SECURITY.md Active maintainer

Community

GitHub stars 4,685

Forks 289

Open issues 30

Open PRs 5

Stars/wk velocity 0.0

HN peak 232

About

Stars

4,685

Forks

289

Languages

C C++ CMake

View on GitHub

Install & Platforms

Platforms

linux

Similar tools

Sysmon for Linux

Rizin

Radare2

CAPA

Umbraco