Automated API tracing tool – Malpimp

Category: 神兵利刃

Malpimp is a command-line API tracing and automated reverse-engineering tool written by the security researcher Amit Malik. It is built on pydbg, is well suited to automated malware analysis and API tracing, and runs on the Windows XP and Server 2003 platforms.

Features:

Allows advanced configuration through Include and Exclude policies to hook DLLs and APIs selectively
Loop detection and dynamic hook removal
Provides good control over the traced application
Logs API calls together with their return address
A command-line tool, which makes it well suited to scripting and automation

Usage:

Malpimp.exe <sample_exe> <address>
            <sample_exe>: Full path of application EXE file
            <address>:    Start address for the API tracing. If you want to
                          trace directly from entry point then use zero.
Examples:
       Malpimp.exe c:\windows\test.exe 0
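To illustrate the mechanism Malpimp builds on, here is an added example (not Malpimp's own code) of a minimal pydbg script that sets breakpoints on an include list of kernel32 APIs and logs each call with the caller's return address read from [ESP]; the API list, helper names and sample path are assumptions, and the script targets Python 2 on Windows XP/2003, where pydbg runs.

```python
from __future__ import print_function
import struct

try:
    # pydbg is a Python 2, Windows-only debugger library; the import is
    # guarded so the pure helpers below can be reused and tested without it.
    from pydbg import pydbg
    from pydbg.defines import DBG_CONTINUE
except ImportError:
    pydbg, DBG_CONTINUE = None, 0x00010002  # Windows DBG_CONTINUE constant

# Include policy (assumed list): only these kernel32 exports are hooked.
INCLUDE = ["CreateFileA", "CreateFileW", "WriteFile", "LoadLibraryA"]

def parse_return_address(stack_bytes):
    """At API entry [ESP] holds the caller's return address as a little-endian DWORD."""
    return struct.unpack("<I", stack_bytes[:4])[0]

def format_call_log(api_name, ret_addr):
    """One log line in the style of an API tracer: API name plus return address."""
    return "%s called from 0x%08X" % (api_name, ret_addr)

def make_handler(api_name, log):
    # Breakpoint callback: pydbg passes the debugger instance; ESP points at the
    # return address because the breakpoint sits on the first API instruction.
    def handler(dbg):
        raw = dbg.read_process_memory(dbg.context.Esp, 4)
        log.append(format_call_log(api_name, parse_return_address(raw)))
        return DBG_CONTINUE
    return handler

def trace(sample_path, log):
    """Load the sample under pydbg, hook the INCLUDE list, run until it exits."""
    dbg = pydbg()
    dbg.load(sample_path)
    for name in INCLUDE:
        # System DLLs share their base across processes on XP/2003 (no ASLR),
        # so resolving in the debugger process gives the debuggee's address.
        addr = dbg.func_resolve("kernel32.dll", name)
        dbg.bp_set(addr, description=name, handler=make_handler(name, log))
    dbg.run()

if __name__ == "__main__":
    calls = []
    trace(r"c:\windows\test.exe", calls)  # path from the usage example above
    for line in calls:
        print(line)
```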

Running the tool looks like the figure below:


Download link
