Releases: MichalSoltysikSOC/LiveProcessMonitorTools
SysmonConfigurator v1.0
Purpose: To enable Sysmon-based enrichment features in Live Process Monitor Plus, Sysmon must be installed, running, and configured with a compatible configuration file that enables logging of Sysmon Event IDs 1, 3, and 5. SysmonConfigurator.exe can be used to configure Sysmon automatically.
LiveProcessMonitorTools v1.0
Windows GUI tools for baseline-driven endpoint process and network monitoring that capture a snapshot of running processes and connections, then continuously track post-baseline changes without discarding history. They correlate data in a unified view, with an extended version integrating optional Sysmon telemetry for deeper timeline visibility.
LiveProcessMonitorPlus v1.0
Purpose: Live Process Monitor Plus extends the baseline-driven monitoring model by correlating native Windows telemetry with optional Sysmon event data, providing deeper timeline visibility while preserving the same workflow and user interface principles.
LiveProcessMonitor v1.0
Purpose: Live Process Monitor is a Windows GUI tool designed for baseline-driven endpoint process and network monitoring. It allows the user to create a snapshot baseline of running processes and their network activity, and then transition into continuous post-baseline monitoring to identify new processes, terminated processes, and changes in TCP and UDP network connections. Unlike tools that display only momentary live activity, Live Process Monitor does not discard post-baseline observations over time. All post-baseline process and network activity is continuously collected, retained, and presented as an auditing history, allowing the user to review the full sequence of changes without losing important context. The tool correlates process metadata, command lines, executable hashes, and live network endpoints in a single unified view to support incident response, malware analysis, and live endpoint triage.