SysAnalyzer
Jump to navigation
Jump to search
Description
SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare:
- Running Processes
- Open Ports
- Loaded Drivers
- Injected Libraries
- Key Registry Changes
- APIs called by a target process
- File Modifications
- HTTP, IRC, and DNS traffic
SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:
- Create a memory dump of target process
- parse memory dump for strings
- parse strings output for exe, reg, and url references
- scan memory dump for known exploit signatures
Full GPL source for SysAnalyzer is included in the installation package.
Installation
Download link: http://sandsprite.com/CodeStuff/SysAnalyzer_Setup.exe