SysAnalyzer Updates

Author: David Zimmer
Date: 08.28.12 - 6:50am

I have been working the last couple weekends to update SysAnalyzer so that it works with Vista/Win7 and can operate in a 64bit aware manner.

Some of the new APIs make tasks like getting the port/process list much easier. Some of the permission restrictions make other things more annoying.

Everything should be working now, although some features are limited to 32 bit processes only until i code up an x64 helper app to do things like inject dlls, do memory dumps etc.

Couple other additions:
  • main form now resizable (that only took 7yrs!)
  • list view column header sorting
  • now has tcpdump option to take full pcap
  • more filtering on directory watch captures
  • sniffhit now defaults to non-promiscious mode
  • api_log.dll now hooks and ignores calls to sleep
  • api_log supports config (and runtime reconfig) options
  • api_logger.exe expanded and includes preliminary log parser
  • sysanalyzer now has scan for RWE injections, memory map, scan for dll features.
  • added procwatch application (log new process creation)

Comments: (3)

On 10.28.12 - 2:36pm Anonymous wrote:
hi.can you update the installer link please. thanks.

On 10.29.12 - 7:27am Dave wrote:
Updated thanks!

On 01.15.18 - 7:06pm Azul wrote:
I want to use the tool and see the potential that it has

Leave Comment:
Email: (not shown)
Message: (Required)
Math Question: 33 + 1 = ? followed by the letter: Z 

About Me
More Blogs
Main Site
Yara WorkBench
vbdec dbg updates
vb6 PCode NOP
vb6 API and call backs
how pcode works Pt1
Reversing PCode Args
VB6 PCode Disassembly
VB6 PCode Debugger
UConnect Disable Cell Modem
IDA python over IPC
dns wildcard blocking
64bit IDA Plugins
anterior lines
misc news/updates
Decoders again
CDO.Message Breakpoints
SysAnalyzer Updates
SysAnalyzer and Site Updates
crazy decoder
ida js w/dbg
flash patching #2
JS Graphing
packet reassembly
Delphi IDA Plugin
scdbg IDA integration
API Hash Database
Winmerge plugin
IDACompare Updates
Guest Post @ hexblog
TCP Stream Reassembly
SysAnalyzer Updates
Apilogger Video
Shellcode2Exe trainer
scdbg updates
IDA Javascript w/IDE
Rop Analysis II
scdbg vrs ROP
flash patching
x64 Hooks
micro hook
jmp api+5 *2
SysAnalyzer Updates
InjDll runtime config
C# Asm/Dsm Library
Shellcode Hook Detection
Updates II
Java Hacking
Windows 8
Win7 x64
Graphing ideas
.Net Hacking
Old iDefense Releases
hll shellcode
ActionScript Tips
-patch fu
scdbg ordinal lookup
scdbg -api mode
Peb Module Lists
scdbg vrs Process Injection
GetProcAddress Scanner
scdbg fopen mode
scdbg findsc mode
scdbg MemMonitor
demo shellcodes
scdbg download
api hashs redux
Api hash gen
Retro XSS Chat Codes
Exe as DLL
Olly Plugins
Debugging Explorer
Attach to hidden process
JS Refactoring
Asm and Shellcode in CSharp
Fancy Return Address
PDF Stream Dumper
Malcode Call API by Hash
WinDbg Cheat Sheet
GPG Automation