What is the pricing for ProcFilter?

ProcFilter is a free Endpoint Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/godaddy/procfilter/ for download and installation instructions.

What are alternatives to ProcFilter?

Popular alternatives to ProcFilter include: 1. HarfangLab Cybersecurity Solutions - EDR platform with EPP capabilities for endpoint threat detection and response (Commercial) 2. Genian EDR - On-premises/hybrid EDR with local threat detection, response, and NAC integration. (Commercial) 3. autoruns - A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications. (Free) 4. MDE-AuditCheck - A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality. (Free) 5. CrowdStrike Endpoint Security - AI-powered endpoint protection, detection, and response platform (Commercial) Compare these tools and more at https://cybersectools.com/categories/endpoint-security

Who should use ProcFilter?

ProcFilter is for security teams and organizations that need Windows, YARA. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Endpoint Security tools can be found at https://cybersectools.com/categories/endpoint-security

ProcFilter | CybersecTools

ProcFilter

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

Free397

Visit Website

Compare

Free397

ProcFilter

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

Visit Website

Data verified Apr 2026

Explore Endpoint Security 48 Alternatives Compare Stacks Market Map Explore All Tools

ADYour product here. Reach security decision-makers.Launch a campaign

ProcFilter Description

Endpoint Security/Endpoint Detection and Response

Windows Yara

ProcFilter is a process filtering system for Windows with built-in YARA integration. YARA rules can be instrumented with custom meta tags that tailor its response to rule matches. It runs as a Windows service and is integrated with Microsoft's ETW API, making results viewable in the Windows Event Log. Installation, activation, and removal can be done dynamically and does not require a reboot. ProcFilter's intended use is for malware analysts to be able to create YARA signatures that protect their Windows environments against a specific threat. It does not include a large signature set. Think lightweight, precise, and targeted rather than broad or all-encompassing. ProcFilter is also intended for use in controlled analysis environments where custom plugins can perform artifact-specific actions. Designed to be easy to adopt, ProcFilter's integration with Git and Event Log minimize the need for additional tools or infrastructure to deploy rules or gather results. ProcFilter is compatible with Windows 7+ and Windows Server 2008+ systems. Installers ProcFilter x86/x64 Release/Debug Installers Note: Unpatched Windows 7 systems require hotfix 3033929 to load the driver component.

ProcFilter Description

Endpoint Security/Endpoint Detection and Response

Windows Yara

ProcFilter FAQ

Common questions about ProcFilter including features, pricing, alternatives, and user reviews.

ProcFilter is ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments. It is a Endpoint Security solution designed to help security teams with Windows, YARA.

Have more questions? Browse our categories or search for specific tools.

ProcFilter

ProcFilter

ProcFilter Description

ProcFilter Description

ProcFilter FAQ

FEATURED

ALTERNATIVES

POPULAR

TRENDING CATEGORIES

FEATURED

ALTERNATIVES

POPULAR

TRENDING CATEGORIES