SysAnalyzer

From aldeid
Jump to navigation Jump to search

Description

SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare:

  • Running Processes
  • Open Ports
  • Loaded Drivers
  • Injected Libraries
  • Key Registry Changes
  • APIs called by a target process
  • File Modifications
  • HTTP, IRC, and DNS traffic

SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:

  • Create a memory dump of target process
  • parse memory dump for strings
  • parse strings output for exe, reg, and url references
  • scan memory dump for known exploit signatures

Full GPL source for SysAnalyzer is included in the installation package.

Installation

Download link: http://sandsprite.com/CodeStuff/SysAnalyzer_Setup.exe

Tools

Comments

blog comments powered by Disqus