Sysinternals Sysmon is an advanced system monitoring service that logs file manipulation, process and image loading, and other events that can be used to identify the presence of an attacker. Learn tips and tricks that will help you get the most out of this powerful hacker hunting tool.