I’ve been working on a small Windows tool to help surface unusual system behaviour — things like unexpected processes, odd outbound connections, or changes that might indicate something isn’t quite right.

The goal was to build something lightweight that explains activity in plain language, without the noise or complexity of full security suites. It currently highlights things like:

- unusual or suspicious processes - unexpected outbound network activity - changes to scheduled tasks - security‑relevant system events

It also loosely maps some behaviours to common MITRE ATT&CK techniques to give a bit more context about what might be happening.

This is just a personal project I’ve been tinkering with, and I’d really appreciate feedback from anyone interested in Windows internals, visibility tooling, or lightweight monitoring approaches.

If you want to try it, here’s the link: www.sapience-tech.com