From Collaborative RCE Tool Library
SysAnalyzer
| Tool name: | SysAnalyzer |
|
||
|---|---|---|---|---|
| Author: | David Zimmer (iDefense Labs) | |||
| Website: | http://labs.idefense.com/files/labs/releases/previews/SysAnalyzer/ | |||
| Current version: | ||||
| Last updated: | January 19, 2007 | |||
| Direct D/L link: | http://labs.idefense.com/software/download/?downloadID=15 | |||
| License type: | GPL2 | |||
| Description: | SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare: * Running Processes * Open Ports * Loaded Drivers * Injected Libraries * Key Registry Changes * APIs called by a target process * File Modifications * HTTP, IRC, and DNS traffic SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks: * Create a memory dump of target process * parse memory dump for strings * parse strings output for exe, reg, and url references * scan memory dump for known exploit signatures Full GPL source for SysAnalyzer is included in the installation package. |
|||
| Related URLs: | No related URLs have been submitted for this tool yet | |||
Feed containing all updates for this tool.
(please also edit it if you think it fits well in some additional category, since this can also be controlled)
