pgrep -af <name of running process>
#who is running last created binary in /usr/bin (attack): (sudo apt-get install inotify-tools)
inotifywait -e create /usr/bin | echo $(awk '{print $3}') | xargs pgrep -af
#which process is calling this ID?
ls -l /proc/<ID>/exe
Preview:
downloadDownload PNG
downloadDownload JPEG
downloadDownload SVG
Tip: You can change the style, width & colours of the snippet with the inspect tool before clicking Download!
Click to optimize width for Twitter