iMonitor (冰镜 - Endpoint Behavior Analysis System)
iMonitor (Endpoint Behavior Analysis System) is an endpoint behavior monitoring and analysis tool based on iMonitorSDK.
It monitors system behaviors such as process, file, registry, and network activity. It supports extensions and scripts, so you can easily customize it and add more functions. It can be used for virus analysis, software reverse engineering, intrusion detection, EDR, etc.
Thanks to sagasm for your feedback.
Added management of display columns, so you can customize the data to be displayed
Added a highlight function, which can highlight key data
Added support for grouping and merging statistics, which greatly improves the convenience of analysis (similar to the GROUP BY effect in SQL)
Added workspace management, so different analysis scenarios can be quickly switched through the workspace
Added a find function
Added multi-language support
Added support for more events
Added plugin support
Added some built-in plugins
Miscellaneous