SysAnalyzer Updates


Author: David Zimmer
Date: 08.28.12 - 6:50am



I have been working the last couple weekends to update SysAnalyzer so that it works with Vista/Win7 and can operate in a 64bit aware manner.

Some of the new APIs make tasks like getting the port/process list much easier. Some of the permission restrictions make other things more annoying.

Everything should be working now, although some features are limited to 32 bit processes only until i code up an x64 helper app to do things like inject dlls, do memory dumps etc.

Couple other additions:
  • main form now resizable (that only took 7yrs!)
  • list view column header sorting
  • now has tcpdump option to take full pcap
  • more filtering on directory watch captures
  • sniffhit now defaults to non-promiscious mode
  • api_log.dll now hooks and ignores calls to sleep
  • api_log supports config (and runtime reconfig) options
  • api_logger.exe expanded and includes preliminary log parser
  • sysanalyzer now has scan for RWE injections, memory map, scan for dll features.
  • added procwatch application (log new process creation)
Installer




Comments: (3)

On 10.28.12 - 2:36pm Anonymous wrote:
hi.can you update the installer link please. thanks.

On 10.29.12 - 7:27am Dave wrote:
Updated thanks!

On 01.15.18 - 7:06pm Azul wrote:
I want to use the tool and see the potential that it has

 
Leave Comment:
Name:
Email: (not shown)
Message: (Required)
Math Question: 31 + 95 = ? followed by the letter: O 



Twitter
RSS
About Me
More Blogs
Main Site
Posts: (All)
2020 ( 6 )
2019 ( 12 )
2017 ( 5 )
2016 ( 4 )
2015 ( 6 )
2014 ( 5 )
2013 ( 9 )
2012 (13)
     flash patching
     x64 Hooks
     micro hook
     jmp api+5 *2
     SysAnalyzer Updates
     InjDll runtime config
     C# Asm/Dsm Library
     Shellcode Hook Detection
     Updates II
     findDll
     Java Hacking
     Windows 8
     Win7 x64
2011 ( 19 )
2010 ( 11 )
2009 ( 1 )