Command Spy

Command Spy is a utility for monitoring new processes on a Windows machine. It allows you to see the command line options that are run with each new process. You can filter for specific executables (uses LOLBAS by default) and automatically kill new processes. This was made as an experiment for CCDC.

This uses WMI to get new processes. A caveat to this is WMI is somewhat slow, meaning if a process starts and finishes within a very short time (sub-second), an event may not be triggered.

Requires .NET 4.6.2+

Screenshots

Credits

Theme: https://github.com/AngryCarrot789/WPFDarkTheme

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
CommandSpy		CommandSpy
icon		icon
screenshots		screenshots
.gitattributes		.gitattributes
.gitignore		.gitignore
CommandSpy.exe		CommandSpy.exe
CommandSpy.sln		CommandSpy.sln
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CommandSpy

CommandSpy

icon

icon

screenshots

screenshots

.gitattributes

.gitattributes

.gitignore

.gitignore

CommandSpy.exe

CommandSpy.exe

CommandSpy.sln

CommandSpy.sln

LICENSE

LICENSE

README.md

README.md

Repository files navigation

Command Spy

Screenshots

Credits

About

Releases 3

Languages

License

andyjsmith/Command-Spy

Folders and files

Latest commit

History

Repository files navigation

Command Spy

Screenshots

Credits

About

Topics

Resources

License

Stars

Watchers

Forks

Languages