OSpy


From SynCE-Wiki

(Difference between revisions)
Revision as of 15:35, 4 June 2006
Synce (Talk | contribs)

← Previous diff		 Revision as of 09:39, 20 December 2006
Twogood (Talk | contribs)
SocketSpy moved to OSpy
Next diff →

Revision as of 09:39, 20 December 2006

SocketSpy is a reverse-engineering tool that works by intercepting APIs in order to get traces that are as close to the original application as possible. It's got special optimizations for intercepting ActiveSync's internal debugging facilities and changes to its UI. Applications to be monitored are injected with an agent that intercepts APIs and logs to a shared memory area. An arbitrary number of processes can be monitored simultanously, and any data captured has information about in which process it happened and which thread within that process, as well as return address of the API function. The latter makes it easy to locate the interesting code dealing with that particular API in a given context.

SocketSpy web site

Retrieved from "http://www.synce.org/oldwiki/index.php/OSpy"