From aldeid
Jump to: navigation, search


SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare:

  • Running Processes
  • Open Ports
  • Loaded Drivers
  • Injected Libraries
  • Key Registry Changes
  • APIs called by a target process
  • File Modifications
  • HTTP, IRC, and DNS traffic

SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:

  • Create a memory dump of target process
  • parse memory dump for strings
  • parse strings output for exe, reg, and url references
  • scan memory dump for known exploit signatures

Full GPL source for SysAnalyzer is included in the installation package.


Download link:



blog comments powered by Disqus