From Collaborative RCE Tool Library
Registry Monitoring Tools
| Tool name: | All-Seeing Eye |
| ||
|---|---|---|---|---|
| Author: | Fortego Security | |||
| Website: | http://www.fortego.com/en/ase.html | |||
| Current version: | 0.7.1 | |||
| Last updated: | 2007 | |||
| Direct D/L link: | http://www.fortego.com/resources/ase071.zip | |||
| License type: | Free | |||
| Description: | Tool for automated diff-style checking of many sensitive system areas that malware and other programs often try to modify silently. Like Tripwire on speed. | |||
| Also listed in: | File System Diff Tools, Install Monitoring Tools, System Diff Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Process Monitor |
| ||
|---|---|---|---|---|
| Author: | Mark Russinovich and Bryce Cogswell | |||
| Website: | http://www.microsoft.com/technet/sysinternals/FileAndDisk/processmonitor.mspx | |||
| Current version: | 1.32 | |||
| Last updated: | April 17, 2008 | |||
| Direct D/L link: | http://download.sysinternals.com/Files/ProcessMonitor.zip | |||
| License type: | Free | |||
| Description: | Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit. | |||
| Also listed in: | File Monitoring Tools, Process Monitoring Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | RegMon |
| ||
|---|---|---|---|---|
| Author: | Mark Russinovich and Bryce Cogswell | |||
| Website: | http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/Regmon.mspx | |||
| Current version: | 7.04 | |||
| Last updated: | November 1, 2006 | |||
| Direct D/L link: | N/A | |||
| License type: | Free | |||
| Description: | Regmon is a Registry monitoring utility that will show you which applications are accessing your Registry, which keys they are accessing, and the Registry data that they are reading and writing - all in real-time. This advanced utility takes you one step beyond what static Registry tools can do, to let you see and understand exactly how programs use the Registry. With static tools you might be able to see what Registry values and keys changed. With Regmon you'll see how the values and keys changed. Note: Filemon and Regmon have been replaced by Process Monitor on versions of Windows starting with Windows 2000 SP4, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista. Filemon and Regmon remain for legacy operating system support, including Windows 9x. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | RegShot |
| ||
|---|---|---|---|---|
| Author: | ||||
| Website: | http://regshot.blog.googlepages.com/regshot | |||
| Current version: | 1.81 | |||
| Last updated: | June 20, 2007 | |||
| Direct D/L link: | http://regshot.blog.googlepages.com/regshot181_src_bin.zip | |||
| License type: | Free / Open Source | |||
| Description: | Regshot is a small,free and open-source(GPL) registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product. The changes report can be produced in text or HTML format and contains a list of all modifications that have taken place between snapshot1 and snapshot2. In addition, you can also specify folders (with sub filders) to be scanned for changes as well. | |||
| Also listed in: | Registry Diff Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Regshot Unicode |
| ||
|---|---|---|---|---|
| Author: | Handle | |||
| Website: | http://www.czechcup.com/regshot/index.php | |||
| Current version: | 2.0.1.61 | |||
| Last updated: | March 5, 2008 | |||
| Direct D/L link: | http://www.czechcup.com/regshot/regshot.rar | |||
| License type: | Free / Open Source | |||
| Description: | Regshot is a small, free and open source (GPL) registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product. The changes report can be produced in text or HTML format and contains a list of all modifications that have taken place between snapshot1 and snapshot2. In addition, you can also specify folders (with sub filders) to be scanned for changes as well. | |||
| Also listed in: | Registry Diff Tools | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | SysAnalyzer |
| ||
|---|---|---|---|---|
| Author: | David Zimmer (iDefense Labs) | |||
| Website: | http://labs.idefense.com/files/labs/releases/previews/SysAnalyzer/ | |||
| Current version: | ||||
| Last updated: | January 19, 2007 | |||
| Direct D/L link: | http://labs.idefense.com/software/download/?downloadID=15 | |||
| License type: | GPL2 | |||
| Description: | SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare: * Running Processes * Open Ports * Loaded Drivers * Injected Libraries * Key Registry Changes * APIs called by a target process * File Modifications * HTTP, IRC, and DNS traffic SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks: * Create a memory dump of target process * parse memory dump for strings * parse strings output for exe, reg, and url references * scan memory dump for known exploit signatures Full GPL source for SysAnalyzer is included in the installation package. | |||
| Also listed in: | Disk Monitoring Tools, Network Monitoring Tools, Install Monitoring Tools, API Monitoring Tools, File Monitoring Tools, Memory Dumpers | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
Feed containing all updates and additions for this category.
Feed containing all updates and additions for this category, including sub-categories.
