Socket Spy is multipurpose utility initially created for trapping Winsock, SNMPAPI, ICMP calls and network TCP / UDP traffic of already active or new processes.
Version: 4.28Socket Spy is multipurpose utility initially created for trapping Winsock, SNMPAPI, ICMP calls and network TCP / UDP traffic of already active or new processes.
License: Free To Try $34.99
Operating System: Windows
In other words you may investigate already running process or start a new one in Socket Spy debugging environment. SocketSpy can show File I / O operations (KERNEL32.DLL) and Windows Registry (ADVAPI.DLL) operations of tested process.
For example, you may capture all network and / or file input / output traffic of IExplore, OutLook Express and other programs. It is possible to capture only file I / O, network I / O, Windows Registry access separately.
The utility may be used for trojan and virus finding, high level network protocols study or software reverse engineering. In short form results are presented in as Rich Edit text in output window and the full information may be saved as log file.
SocketSpy is based on Win32 Debug functions, but if tested process wants to know if debugger present, SocketSpy may block this request and tested process will receive an answer "No".
Also you may read and write to tested process memory, find binary sequences in memory of tested process, set additional break points on system function or make disassembler of executable code or specific system function.