Useful tools to know / Tools needed for debugging / Tools that help with reverse engineering
System Monitoring Tools
TCPView
Active socket command-line viewer.
WinObj
The ultimate Object Manager namespace viewer is here.
Process Explorer
Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.
PortMon
v3.03 (January 12, 2012)
Monitor serial and parallel port activity with this advanced monitoring tool. It knows about all standard serial and parallel IOCTLs and even shows you a portion of the data being sent and received. Version 3.x has powerful new UI enhancements and advanced filtering capabilities.
Process Monitor
Monitor file system, Registry, process, thread and DLL activity in real-time
The tools below are no longer supported and have been replaced by Process Monitor.[2]
- Filemon - 2005
- Regmon - 2005
- TDIMon (with pdh.dll) - 2000
References
- Hacking Program Analysis - (1) Dynamic Analysis, 2009
- Discontinued tools: Filemon, Regmon, TDIMon, April 2013