Monitor New Processes Created On MacOS, Similar to https://github.com/DominicBreuker/pspy, and https://objective-see.com/products/utilities.html. No Dependencies Required. Why Needed to monitor jamf scripts commandline arguments on mac recently, jamf api keys were being used in jamf scripts that ran peroidically. Using process monitor gathered curl args and got creds which allowed full access to jamf server. Allowing privesc. BUT ProcessMonitor requires root access and pspy doesnt work on mac due to no /proc directory. also ps cannot really be rewritten as it wont […]