API Monitor v1.3.1.404-Lz0 | 2 MB
API Monitor is a software that lets you monitor and control API calls made by applications and services. Its a powerful tool for seeing how applications and services work or for tracking down problems that you have in your own applications.
FEATURES :
64-bit Support
API Monitor supports monitoring of 64-bit applications and services. The 64-bit version can only be used to monitor 64-bit applications and the 32-bit version can be only be used to monitor 32-bit applications. To monitor a 32-bit application on 64-bit Windows, you must use the 32-bit version. Note that the 64-bit installer for API Monitor includes both 64-bit and 32-bit versions.
10,000+ API Definitions, 850+ COM Interfaces
API Monitor comes with API Definitions for over 10,000 API’s from 172 DLL’s and almost 9000 methods from 900+ COM Interfaces (Shell, Web Browser, DirectShow, DirectSound, DirectX, Direct2D, DirectWrite, Windows Imaging Component, Debugger Engine, MAPI etc). API’s are organized into categories and sub-categories (as specified in MSDN). The API Capture filter enables you to to select API’s for monitoring.
Structures, Unions, Enums and Flags
API Monitor can decode and display 2000 different structures and unions, 1000+ Enumerated data types, 800+ flags. Buffers and arrays within structures can also be viewed.
Buffer View
API Monitor can display both input and output buffers. The amount of data displayed is automatically calculated from other arguments to the API or from the API return value. The maximum amount of data to be captured is configurable. The following screenshot shows the buffer after a ReadFile API call. The length lpBuffer is calculated by looking at the value of lpNumberOfBytesRead after the API call has executed. In this case, the value returned was 174 and that is the length of the buffer displayed.
Call Tree
API Monitor displays a call tree which shows the hierarchy of API calls. The following screenshot displays a call tree for a CoInitializeEx call made by notepad.exe on 64-bit Vista.
Decode Parameters and Return Values
Both parameters and return values can be displayed in a user-friendly format. The first screenshot below shows the normal view with the parameter values displayed as-is. The second screenshot displays the decoded parameter values. For dwShareMode, API Monitor displays FILE_SHARE_DELETE | FILE_SHARE_READ instead of 5, when the Decode Parameter Values option is enabled. This option is available both in the parameters pane and the summary pane.
Breakpoints
API Monitor lets you control the target application by setting breakpoints on API calls. Breakpoints can be triggered before an API call, after an API call, on API failure or if the API generates an exception. Pre-call Breakpoints allow you to modify parameters before they are passed to the API, or to skip the API call and specify the return value and last error code. Post-call and Error Breakpoints allow you to modify parameters, return value and last error code before they are passed back to the caller. Exception Breakpoints allow you to catch the exception to prevent the target application from a possible crash. Global breakpoints can also be triggered on API errors and exceptions. Full Auto-complete support is available for all supported enumerated data types and flags.
Process Memory Editor
API Monitor includes a memory editor that lets you view, edit and allocate memory in any process. The memory editor also allows you to change the protection of memory regions. During a breakpoint, the memory editor can be used to view and modify buffers in the target process. Right-click on any process or service in the Running Process window to launch the memory editor.
COM Monitoring
API Monitor supports monitoring of COM Interfaces. The following screenshot displays COM method calls made by DirectShow GraphEdit.
Decode Error Codes
When an API call fails, API Monitor can call an appropriate error function to retrieve additional information about the error. GetLastError, CommDlgExtendedError, WSAGetLastError functions are supported. In addition, NTSTATUS and HRESULT error codes can be displayed in a friendly format. In the following screenshot, the API connect failed. API Monitor determined the error code by calling WSAGetLastError and displayed both the error code and the error message in red.
AND MANY MORE
HOME :
http://www.rohitab.com/apimonitor
DOWNLOAD :
No comments:
Post a Comment