API automation tracing tool – Malpimp

2013-03-13 | Tools

Malpimp is a command-line API tracing and automated reverse-engineering tool written by security researcher Amit Malik. It is built on top of pydbg, is well suited to automated malware analysis and API tracing, and runs on Windows XP and Windows Server 2003.

Features:

Allows advanced configuration through Include and Exclude policies to hook DLLs and APIs selectively
Loop detection and dynamic hook removal
Provides good control over the application under analysis
Logs API calls together with their return address
Command-line tool, which makes it well suited to scripting and automation
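To make the feature list concrete, here is an added example (not Malpimp's own code) that simulates the three mechanisms just listed over a constructed API trace: an Include/Exclude policy deciding which DLL/API pairs are hooked, logging of each call with its return address, and loop detection that removes a hook once the same API is called repeatedly from the same call site. The policy values, threshold and trace are assumptions chosen for illustration.

```python
from collections import Counter

# Hypothetical policy: hook only these DLLs, but never these specific APIs.
INCLUDE_DLLS = {"kernel32.dll", "ws2_32.dll"}
EXCLUDE_APIS = {"GetTickCount"}
LOOP_THRESHOLD = 3  # same API from the same return address this many times = loop


def should_hook(dll, api):
    """Include/Exclude policy: the DLL must be included and the API not excluded."""
    return dll.lower() in INCLUDE_DLLS and api not in EXCLUDE_APIS


def trace(events):
    """events: constructed (dll, api, return_address) tuples in call order.
    Returns (log, removed): the logged call lines, and the (api, ret) hooks
    that were dropped after a loop was detected."""
    seen = Counter()
    removed = set()
    log = []
    for dll, api, ret in events:
        if not should_hook(dll, api):
            continue
        key = (api, ret)
        if key in removed:
            continue  # hook already removed; this call site is no longer logged
        seen[key] += 1
        log.append(f"{api} ret=0x{ret:08x}")
        if seen[key] >= LOOP_THRESHOLD:
            removed.add(key)  # dynamic hook removal stops the log from flooding
    return log, removed


# Constructed sample trace: a decoding loop calling ReadFile repeatedly from
# one call site, plus calls the policy is expected to filter out.
SAMPLE = [
    ("kernel32.dll", "CreateFileA", 0x00401010),
    ("kernel32.dll", "GetTickCount", 0x00401020),  # excluded API
    ("user32.dll", "MessageBoxA", 0x00401030),     # DLL not included
] + [("kernel32.dll", "ReadFile", 0x00401050)] * 6 + [
    ("ws2_32.dll", "connect", 0x00401080),
]

if __name__ == "__main__":
    calls, dropped = trace(SAMPLE)
    print("\n".join(calls))
    print("hooks removed:", dropped)
```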

Usage:

Malpimp.exe <sample_exe> <address>
            <sample_exe>: Full path of application EXE file
            <address>:    Start address for the API tracing. If you want to
                          trace directly from entry point then use zero.
Examples:
       Malpimp.exe c:\windows\test.exe 0

A sample run is shown in the screenshot below:

Download:
