From Collaborative RCE Tool Library


Process Monitoring Tools


Tool name: Process Explorer
Rating: 5.0 (2 votes)
Author: Mark Russinovich                        
Website: http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx
Current version: 11.04
Last updated: November 5, 2007
Direct D/L link: http://download.sysinternals.com/Files/ProcessExplorer.zip
License type: Free
Description: The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
Also listed in: (Not listed in any other category)



Tool name: Malcode Analysis Pack
Rating: 0.0 (0 votes)
Author: David Zimmer (iDefense Labs)                        
Website: http://labs.idefense.com/files/labs/releases/previews/map/
Current version:
Last updated: November 13, 2006
Direct D/L link: http://labs.idefense.com/software/download/?downloadID=8
License type: GPL2
Description: The Malcode Analyst Pack contains a series of utilities that were found to be necessary tools while doing rapid malcode analysis.

Included in this package are:

• ShellExt - four Explorer shell extensions
• socketTool - manual TCP client for probing a service's functionality
• MailPot - mail server capture pot
• fakeDNS - spoofs DNS responses so that lookups resolve to controlled IPs
• sniff_hit - HTTP, IRC and DNS sniffer
• sclog - shellcode research and analysis application
• IDCDumpFix - aids in quick RE of packed applications
• Shellcode2Exe - embeds multiple shellcode formats in an exe husk
• GdiProcs - detects hidden processes
Also listed in: Malware Analysis Tools, Network Tools, TCP Proxy Tools, Network Sniffers, Import Editors, Reverse Engineering Frameworks, API Monitoring Tools
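The fakeDNS entry above describes spoofing DNS answers so that a sample's lookups resolve to an address the analyst controls, which is how the pack keeps malware talking while its real C2 is unreachable. The following is an added Python illustration of that technique; it is not iDefense's fakeDNS code. The controlled address 10.0.0.1, the listen port and the query names used to exercise it offline are assumptions. A/IN questions get the controlled address; any other record type gets a NOERROR reply with no answers, so the sample still sees a live resolver rather than a timeout.

```python
"""fakeDNS-style responder (added example): answer every A query with one controlled IP."""
import socket
import struct

CONTROLLED_IP = "10.0.0.1"  # assumption: address of the analyst's capture host


def parse_question(packet: bytes):
    """Return (qname, qtype, qclass, end_offset) for the first question in a DNS message."""
    if len(packet) < 12:
        raise ValueError("packet too short for a DNS header")
    qdcount = struct.unpack("!H", packet[4:6])[0]
    if qdcount < 1:
        raise ValueError("no question section")
    labels, off = [], 12
    while True:
        if off >= len(packet):
            raise ValueError("truncated qname")
        length = packet[off]
        off += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer in question is not supported")
        labels.append(packet[off:off + length].decode("ascii", errors="replace"))
        off += length
    if off + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", packet[off:off + 4])
    return ".".join(labels), qtype, qclass, off + 4


def build_query(qname: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Encode a minimal recursion-desired query (used to exercise the responder offline)."""
    name = b"".join(bytes([len(label)]) + label.encode("ascii") for label in qname.split("."))
    return (struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
            + name + b"\x00" + struct.pack("!HH", qtype, 1))


def build_response(query: bytes, ip: str = CONTROLLED_IP, ttl: int = 60) -> bytes:
    """Spoof a reply: A/IN questions get `ip`; any other type gets NOERROR with no answers."""
    qname, qtype, qclass, qend = parse_question(query)
    rd = struct.unpack("!H", query[2:4])[0] & 0x0100   # copy the RD bit from the query
    flags = 0x8000 | rd | 0x0080                        # QR=1, RA=1, RCODE=0
    question = query[12:qend]
    if qtype == 1 and qclass == 1:
        # name pointer to offset 12 (the question), type A, class IN, TTL, rdlength 4, address
        answer = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, 4) + socket.inet_aton(ip)
        ancount = 1
    else:
        answer, ancount = b"", 0
    header = query[0:2] + struct.pack("!HHHHH", flags, 1, ancount, 0, 0)
    return header + question + answer


def decode_header(message: bytes) -> dict:
    """Split the 12-byte header into the fields worth checking on a spoofed reply."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", message[:12])
    return {"txid": txid, "qr": bool(flags & 0x8000), "rcode": flags & 0x000F,
            "qdcount": qd, "ancount": an}


def answered_ip(response: bytes):
    """Pull the IPv4 address out of a single-answer A response, or None if there is no answer."""
    if decode_header(response)["ancount"] == 0:
        return None
    return socket.inet_ntoa(response[-4:])


def serve(bind_ip: str = "0.0.0.0", port: int = 53, ip: str = CONTROLLED_IP):
    """Listen on UDP and answer forever; needs root for port 53 and a VM whose resolver points here."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((bind_ip, port))
        while True:
            data, peer = sock.recvfrom(512)
            try:
                reply = build_response(data, ip)
                print(f"{peer[0]} asked for {parse_question(data)[0]!r}")
            except ValueError as exc:
                print(f"{peer[0]} sent an unparsable packet: {exc}")
                continue
            sock.sendto(reply, peer)


if __name__ == "__main__":
    serve()
```

Point the analysis VM's resolver at the host running this and every hostname the sample asks for lands on CONTROLLED_IP, where a capture tool like MailPot or socketTool can take the connection. The responder deliberately refuses compressed names in the question section rather than following pointers, so a malformed packet cannot steer it outside the buffer.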



Tool name: Process Lasso
Rating: 0.0 (0 votes)
Author: Jeremy Collake                        
Website: http://www.bitsum.com/prolasso.php
Current version: 2.74
Last updated: April 2, 2008
Direct D/L link: http://www.bitsum.com/files/pssetup.zip
License type: Free
Description: Process Lasso automatically adjusts the allocation of CPU cycles so that system responsiveness is improved under high load. It does this by dynamically and temporarily lowering the priorities of processes that are consuming too many CPU cycles, thereby giving other processes a chance to run when they need to. This is useful on both single- and multi-core processors: a single runaway process can no longer bring the system to a virtual stall.

In addition, Process Lasso offers default process priorities, termination of disallowed processes, and logging of executed processes.
Supporting users can download all past and future builds of Process Lasso and are given a specially labelled version of Process Lasso.
Also listed in: (Not listed in any other category)
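The description above gives the algorithm: sample per-process CPU use, lower the priority of any process that stays above a threshold, and give the priority back once it calms down. The following is an added example of that loop, not Process Lasso's own code. It is written for Linux/Unix using /proc and setpriority(2) (Process Lasso itself is a Windows tool); the 80% threshold, the sample counts, the nice penalty of 10 and the constructed samples used to exercise the decision logic are all assumptions.

```python
"""Added example: a Process Lasso-style CPU governor that demotes sustained hogs and restores them later."""
import os
import time
from dataclasses import dataclass, field

THRESHOLD = 0.80      # assumption: more than 80% of one core counts as "too many cycles"
HOLD_SAMPLES = 3      # consecutive hot samples before a process is demoted
COOLDOWN_SAMPLES = 3  # consecutive calm samples before its original priority comes back
PENALTY = 10          # assumed nice increment applied while throttled
CLK_TCK = os.sysconf("SC_CLK_TCK") if hasattr(os, "sysconf") else 100  # jiffies per second


@dataclass
class Governor:
    """Pure decision logic: feed cumulative CPU seconds per pid, get back demote/restore actions."""
    threshold: float = THRESHOLD
    hold: int = HOLD_SAMPLES
    cooldown: int = COOLDOWN_SAMPLES
    last: dict = field(default_factory=dict)   # pid -> (cpu_seconds, wall_time) at previous sample
    hot: dict = field(default_factory=dict)    # pid -> consecutive samples above threshold
    calm: dict = field(default_factory=dict)   # pid -> consecutive samples at or below threshold
    throttled: set = field(default_factory=set)

    def update(self, cpu_seconds: dict, now: float) -> list:
        """One sampling round; returns [("demote", pid), ("restore", pid), ...]."""
        actions = []
        for pid, cpu in cpu_seconds.items():
            prev = self.last.get(pid)
            self.last[pid] = (cpu, now)
            if prev is None or now <= prev[1]:
                continue                                  # first sighting, or clock did not advance
            util = (cpu - prev[0]) / (now - prev[1])      # fraction of one core used since last sample
            if util > self.threshold:
                self.hot[pid] = self.hot.get(pid, 0) + 1
                self.calm[pid] = 0
                if pid not in self.throttled and self.hot[pid] >= self.hold:
                    self.throttled.add(pid)
                    actions.append(("demote", pid))
            else:
                self.calm[pid] = self.calm.get(pid, 0) + 1
                self.hot[pid] = 0
                if pid in self.throttled and self.calm[pid] >= self.cooldown:
                    self.throttled.discard(pid)
                    actions.append(("restore", pid))
        for pid in [p for p in self.last if p not in cpu_seconds]:   # forget exited processes
            for table in (self.last, self.hot, self.calm):
                table.pop(pid, None)
            self.throttled.discard(pid)
        return actions


def sample_linux() -> dict:
    """Cumulative user+system CPU seconds per pid, read from /proc/<pid>/stat."""
    out = {}
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            with open(f"/proc/{entry}/stat") as fh:
                fields = fh.read().rsplit(")", 1)[1].split()   # skip pid and the (comm) field
        except OSError:
            continue                                            # process exited mid-scan
        out[int(entry)] = (int(fields[11]) + int(fields[12])) / CLK_TCK   # utime + stime
    return out


def apply(actions: list, original_nice: dict, penalty: int = PENALTY) -> None:
    """Carry out the decisions with setpriority(2); original_nice remembers what to restore."""
    for action, pid in actions:
        try:
            if action == "demote":
                original_nice[pid] = os.getpriority(os.PRIO_PROCESS, pid)
                os.setpriority(os.PRIO_PROCESS, pid, min(original_nice[pid] + penalty, 19))
            elif pid in original_nice:
                os.setpriority(os.PRIO_PROCESS, pid, original_nice.pop(pid))
        except (ProcessLookupError, PermissionError) as exc:
            original_nice.pop(pid, None)
            print(f"pid {pid}: {action} failed: {exc}")


def run(interval: float = 1.0) -> None:
    """Sample, decide, apply, sleep; run as root so that restoring a lowered nice value is permitted."""
    governor, original = Governor(), {}
    while True:
        apply(governor.update(sample_linux(), time.monotonic()), original)
        time.sleep(interval)


if __name__ == "__main__":
    run()
```

The decision logic is separated from the privileged part on purpose: the Governor can be driven with recorded samples to check that it neither demotes a process on a single spike nor flaps between demote and restore, while `apply` is the only place that touches the scheduler. On Linux an unprivileged user may raise a process's nice value but needs CAP_SYS_NICE to lower it again, which is why `run` is meant for root.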



Tool name: Process Monitor
Rating: 0.0 (0 votes)
Author: Mark Russinovich and Bryce Cogswell                        
Website: http://www.microsoft.com/technet/sysinternals/FileAndDisk/processmonitor.mspx
Current version: 1.32
Last updated: April 17, 2008
Direct D/L link: http://download.sysinternals.com/Files/ProcessMonitor.zip
License type: Free
Description: Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.
Also listed in: File Monitoring Tools, Registry Monitoring Tools






