Task Explorer - An Advanced Task Manager for hackers

[DavidXanatos]

I have a small inquiry for you guys...

What features would you like to see in the next builds?


I was thinking about the ability to set priorities and CPU affinities persistently, i.e. the tool would remember it on an file name basis and whenever a process is seen with one of the preset paths (or only exe name, in the end probably a wildcard path really) its priorities and stuff will get adjusted accordingly.

I was also thinking about adding an option to perpetually kill processes on the same basis, when one gets seen it will get killed.
thinking here about typical telemetry processes like vctip.exe (VS2017/2019), software_reporter_tool.exe (Chrome), NvTelemetryContainer (NVidia) etc....


With regard to not allowing processes to start I could enforce that using the driver so that the process never goes past created suspended. But is that overkill?
Is that the right thing for a task manager or should that go into some separate HIPS tool? I don't want to cram thematically unrelated features together, but well not allowing processes to start is still in the scope of a process manager.

What do you think?

[Stingered]

Quote:

Originally Posted by DavidXanatos

I have a small inquiry for you guys...

What features would you like to see in the next builds?


I was thinking about the ability to set priorities and CPU affinities persistently, i.e. the tool would remember it on an file name basis and whenever a process is seen with one of the preset paths (or only exe name, in the end probably a wildcard path really) its priorities and stuff will get adjusted accordingly.

I was also thinking about adding an option to perpetually kill processes on the same basis, when one gets seen it will get killed.
thinking here about typical telemetry processes like vctip.exe (VS2017/2019), software_reporter_tool.exe (Chrome), NvTelemetryContainer (NVidia) etc....


With regard to not allowing processes to start I could enforce that using the driver so that the process never goes past created suspended. But is that overkill?
Is that the right thing for a task manager or should that go into some separate HIPS tool? I don't want to cram thematically unrelated features together, but well not allowing processes to start is still in the scope of a process manager.

What do you think?

Is useful to have option for suspend process?

[DavidXanatos]

Quote:

Is useful to have option for suspend process?

You mean something that would suspend all started processes that have a certain path name?

hmm... for an every day use I don't think that is a good idea you would accumulate possibly hundreds of such processes.

but for some particular debug operations when you want to trace something that spawns many child processes really thoroughly, may be...

[Stingered]

Quote:

Originally Posted by DavidXanatos

You mean something that would suspend all started processes that have a certain path name?

hmm... for an every day use I don't think that is a good idea you would accumulate possibly hundreds of such processes.

but for some particular debug operations when you want to trace something that spawns many child processes really thoroughly, may be...

"but for some particular debug operations when you want to trace something that spawns many child processes really thoroughly, may be..."

this (an option, not automatic) - thx