Hello,
I am looking for a tool that will allow me to analyze a program regarding every step it takes.
Here's the scenario: I work in a corporation and one of our vendors needs to test out some things on our network, and they want us to run a program that will collect information from our network to there. Now I need to know exactly what this program does, like what commands are being run and what the program is accessing. I have used a program that does this before; the problem is that I have forgotten the name of the application that can do this.
Any help?
Thanks
Easier on some operating systems than others!
For showing system calls:
Linux - strace
Solaris/OpenBSD - truss
MacOS X - ktrace
Windows - Process Explorer - http//
For file accesses:
Linux/UNIX/OS X - lsof
Windows - Process Explorer again :-)
If you want to know what it is sending across the network, then Wireshark is good for all the above OSs. http//
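As an added example that is not part of the original posts: on Linux, the strace approach above can be narrowed to the three questions asked (commands run, files accessed, network peers) and the resulting log summarized with a short script. The program name `vendor_tool`, the sample log lines and the `summarize` helper are constructed for illustration.

```python
import re

# Constructed sample of what
#   strace -f -e trace=execve,openat,connect -o trace.log ./vendor_tool --collect
# writes to trace.log. "vendor_tool", the paths and the addresses are made up.
SAMPLE_TRACE = r'''
4101 execve("./vendor_tool", ["./vendor_tool", "--collect"], 0x7ffc2b1a3e40 /* 24 vars */) = 0
4101 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
4101 openat(AT_FDCWD, "/etc/passwd", O_RDONLY) = 4
4101 openat(AT_FDCWD, "/etc/shadow", O_RDONLY) = -1 EACCES (Permission denied)
4102 execve("/usr/sbin/arp", ["arp", "-a"], 0x55d0c8a2f010 /* 24 vars */) = 0
4101 connect(5, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("203.0.113.10")}, 16) = -1 EINPROGRESS (Operation now in progress)
4101 connect(6, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
4101 +++ exited with 0 +++
'''

# pid, syscall name, raw arguments, return value, optional errno name
LINE = re.compile(r'^(\d+)\s+(\w+)\((.*)\)\s+=\s+(-?\d+)(?:\s+(E[A-Z0-9]+))?')
ARGV = re.compile(r'\[(.*?)\]')
QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')
INET = re.compile(r'sin_port=htons\((\d+)\), sin_addr=inet_addr\("([^"]+)"\)')

def summarize(trace_text):
    """Group a strace log into commands run, files opened/failed, and IPv4 peers."""
    report = {"commands": [], "opened": [], "failed": [], "peers": []}
    for line in trace_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # exit markers, signals, split "<unfinished ...>" lines
        pid, call, args, ret, errno = m.groups()
        if call == "execve" and int(ret) == 0:
            argv = ARGV.search(args)
            report["commands"].append(" ".join(QUOTED.findall(argv.group(1))) if argv else args)
        elif call in ("open", "openat"):
            path = QUOTED.search(args)
            if path and int(ret) >= 0:
                report["opened"].append(path.group(1))
            elif path:
                report["failed"].append((path.group(1), errno))
        elif call == "connect":
            # Recorded even on failure: a non-blocking connect returns
            # -1 EINPROGRESS although the connection attempt is under way.
            peer = INET.search(args)
            if peer:
                report["peers"].append(f"{peer.group(2)}:{peer.group(1)}")
    return report

if __name__ == "__main__":
    for section, items in summarize(SAMPLE_TRACE).items():
        print(section, items)
```

The `-f` flag matters here: without it, commands launched by child processes (the `arp -a` line in the sample) would not appear in the log.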
Just an addendum to azrael's thorough reply,
Process Monitor, which features the old Sysinternals RegMon and FileMon, should help too if you are looking for a Windows solution.
Greetings,
Can you ask for the source code for the tool, examine it, compile it yourself, and then run your own compiled copy? This would also allow you to compile it with debugging options that will enhance the capabilities of the various tools suggested above.
-David