Crescendo
Crescendo is a real time event viewer for macOS that uses the ESF to show process executions and forks, file events, share mounting events, kernel extension loads, and IPC event data. ESF provides a vast amount of data, but the goal was to just pick out the things that analysts would be interested in when analyzing a piece of malware or trying to understand how a process (or component) works. Just the right amount of data without being a firehose of events to the user.
The Terms of Use for this software are subject to the licensing and terms outlined in the OSS repository.
Support
| Developer: | FireEye |
| Supported By: | Community |
| Contact: | Issues |
| Resources: | FireEye Blog - Crescendo: Real Time Event Viewer for macOS |
OSS Info
| Platform: | macOS |
| Requirements: | macOS 10.15.X and Xcode 10+ |