TODO: Write a longer description once the jam is done
Here's a short video of Process Spy v0.1 in action. The list of processes that we've seen events for are listed on the left (along with number of events we've seen from that process). Events are filtered to only file accesses that are within the current folder you are looking at or in any of the sub-folders (recursive). There's not a whole ton of interaction or animation, but even with just this info I can find some interesting things going on. For example, Discord seems to be looking at most of the .exe files that I have currently running. You'll also see that Process Spy detects it's own actions often. These are coming from the way we lookup icons for running processes. We have to ask Windows for the icon for a particular .exe and that gets logged as an event on that .exe.
Because of the short time it may be hard to get the program running properly on your computer (turns out getting the Open Procmon driver started reliably is harder than I thought, requires something more than just admin privileges). So this video acts as a standin for running the process yourself. Hopefully the program will be easier to run in the future
Version 0.1 of Process Spy is now available as a zip download in the github repository: https://github.com/PiggybankStudios/ProcessSpy/blob/master/release/ProcessSpy_0_1.zip
There are a bunch of things I wanted to do that I ran out of time for in the jam time window. But I plan to add a lot more features in the near future. Being able to interact with the icons in the main viewport to identify which process icon is which is one of the main things. Also adding animations to the icons so you can more easily see when accesses are occurring, and how many. I also really want to add some filtering options so you can only see certain kinds of access events, or only events for certain processes