From github.com
This tool was inspired by “Noriben“. Norimaci uses the features of OpenBSM or Monitor.app to monitor macOS system activity instead of Sysinternals Process Monitor (procmon).
Norimaci consists of 3 Python scripts.
- norimaci.py : Main script
- openbsmconv.py : OpenBSM audit log converter
- monitorappconv.py : Monitor.app data converter
OpenBSM is a framework to audit activities on macOS. Please see their web site for details.
Monitor.app is a free tool which is made by FireEye. Please see their web site for details.