[ZT]SysAnalyzer
Posted: 2006-8-21 17:41 3804


SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states.

SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system.

SysAnalyzer can automatically monitor and compare:
Running Processes
Open Ports
Loaded Drivers
Injected Libraries
Key Registry Changes
APIs called by a target process
File Modifications
HTTP, IRC, and DNS traffic

SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:
Create a memory dump of target process
Parse memory dump for strings
Parse strings output for exe, reg, and url references
Scan memory dump for known exploit signatures

Full GPL source for SysAnalyzer is included in the installation package.


Download:

http://labs.idefense.com/doDownload.php?downloadID=15

Latest replies (3)
There really is quite a lot in here. Supporting the moderator.
2006-8-21 20:35
My English isn't very good...
2006-8-21 21:24
great program :)
2006-8-22 21:07