SysAnalyzer

From aldeid
Jump to: navigation, search

Description

SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare:

  • Running Processes
  • Open Ports
  • Loaded Drivers
  • Injected Libraries
  • Key Registry Changes
  • APIs called by a target process
  • File Modifications
  • HTTP, IRC, and DNS traffic

SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:

  • Create a memory dump of target process
  • parse memory dump for strings
  • parse strings output for exe, reg, and url references
  • scan memory dump for known exploit signatures

Full GPL source for SysAnalyzer is included in the installation package.

Installation

Download link: http://sandsprite.com/CodeStuff/SysAnalyzer_Setup.exe

Tools

Comments

blog comments powered by Disqus