Monitoring API Calls on Windows with Maltrap

Posted By: SecurityTube_Bot
Posted On: Mon 21 Feb 2011


Description:

MalTrap is a research utility that monitors malware behavior by intercepting API calls on Windows and logging results. Though still in its alpha release and sparse on features, it's a very interesting and useful tool. The video below contains a demo of Maltrap run on VNC and Winamp. I demonstrate how the network activity can be detected using the logging info created by Maltrap.

I have a couple of requests for the Maltrap team:

1. Make your software open source so others can contribute
2. Allow users to select which API calls they want to monitor and have logged
3. Allow a search feature on the logging dump (workaround right now is to use Notepad)
4. Allow a Matrix-style freezing of the API calls and for the users to tamper with the inputs to the call or output from the call

Anyway, it's a great tool and I would highly recommend you all try it. You can download it here.

Tags: tools

