Monitoring API calls on operating system is important to verify what the application is changing on the system. API monitor is a program that can be used to monitor and display API-calls made by various applications and services. It is a very good tool for investigating different malwares in sandbox.
Features for the API Monitor include the following:
- Supporting 64-bit Windows
- Summary View with Syntax Highlighting- 13,000+ API Definitions, 1,300+
- Structures, Unions, Enums and Flags
- Buffer View
- Displays a call tree which shows the hierarchy of API calls
- Decode Parameters and Return Values
- API Monitor lets you control the target application by setting breakpoints on API calls
- Monitor now allows monitoring of any API from any DLL without requiring XML definitions to created
- Includes a memory editor that lets you view, edit and allocate memory in any process
- Includes dynamic call filtering capabilities which allows you to hide or show API calls based on a certain criteria
- Supports monitoring of COM Interfaces
- When an API call fails, API Monitor can call an appropriate error function to retrieve additional information about the error.
- API Monitor lets you capture and view the call stack for each API call.
- The GUI is completely written and provides a number of useful features with a pre-defined or custom layout options.
- The Running Processes window displays a list of running processes and services that can be hooked.
- Monitoring Windows Services
- Creating definitions for any DLL.
- The Hooked Processes window displays processes that are previously hooked or are currently being monitored
The program can also be used to sniff internet explorer or Firefox encrypted SSL traffic or to check email content for further investigation and also to find critical vulnerabilities in operating system or applications.
You can download the latest version at the official website: http://www.rohitab.com/downloads