Win32API Tracer Application
TNPLibrary aims to create an open-source tracing and patching application that lets you trace any Win32 API function call from a target process and patch it dynamically at runtime.
Currently, the tracing part is complete, and a working version of Tracer is available for download from SourceForge.
Tracer currently offers the ability to:
- Pause/Resume the capture
- Select different functions to trace
- Save the capture logs
Tracer can currently trace:
- Process/Thread creation/termination
- Registry Key Creation/Deletion
- Socket connection/bind/accept
Tracer.exe Usage Instructions:
- After downloading the zip file from the above link, start the “Tracer.exe” application from the “DynamicLinked” or “StaticLinked” directory.
- Enter the command-line arguments for the target application.
- Click the “Start” button.
This should display a window listing the API calls made by the target application. The File|Save option can be used to save the log entries.