pspy - process monitoring / cron job detection

Hi, I also wrote a simple bash script to log process history; it’s simple but effective.

root@kali:~/pentest# wget pentest-script/ps_history.sh at master · xiaoxiaoleo/pentest-script · GitHub
root@kali:~/pentest# bash ps_history.sh
root@kali:~/pentest# cat ps_history

Cool. I was thinking about creating a similar tool but didn’t really get into it :+1:

How can I configure pspy? I tried “make build-pspy32” and “make build-pspy64” but nothing happened.

Just run it on the computer you want to monitor; have a look at the video :slight_smile:

Is there an actual step by step tutorial on how to build this? There’s not much information on git itself on how to build it.

@meni0n said:
Is there an actual step by step tutorial on how to build this? There’s not much information on git itself on how to build it.

You will first need to install docker, then clone the repo, cd into it and run:

  1. make build-build-image
  2. make build

You will find the four binaries in the bin directory in the cloned repo.

Great tool

Thanks, tried installing docker in Kali but no success. Have to troubleshoot that now…

On the release page, you can also just download the binaries: Releases · DominicBreuker/pspy · GitHub
Should update the readme sometime…

Man, this tool is awesome. It was a bit tricky to get built. Wish I had checked the releases!

This tool is GREAT !!!

Just used this tool today, great job. Thanks!

Yeah buddy…this is NICE!!

Works perfectly, great tool :slight_smile:

Is the only way to make this run to have docker installed on the system?

Can the binaries e.g. pspy64 from the releases link be run without Docker?

In answer to my own question - yes they can.

In answer to my own question above, yes they can.

@Pilgrim23 said:

In answer to my own question above, yes they can.

Hey man, how can I run the binaries only? When I try to do that it gives me a lot of errors!

Using this tool is not good on HTB because it can be used to monitor others’ activity for root and get ideas for root.

But tool is nice. great job.

If privesc ain’t staring me in the face, this is what I use at the end before starting all over again. Great job mate!