Monitoring API calls on an operating system is important for verifying what an application is changing on the system. API Monitor is a program that monitors and displays the API calls made by applications and services. It is a very good tool for investigating malware samples in a sandbox.
Features of API Monitor include the following:
Supporting 64-bit Windows
Summary View with Syntax Highlighting
13,000+ API Definitions, 1,300+ Structures, Unions, Enums and Flags
Buffer View
Displays a call tree which shows the hierarchy of API calls
Decode Parameters and Return Values
API Monitor lets you control the target application by setting breakpoints on API calls
API Monitor now allows monitoring of any API from any DLL without requiring XML definitions to be created
Includes a memory editor that lets you view, edit and allocate memory in any process
Includes dynamic call filtering capabilities, which allow you to hide or show API calls based on certain criteria
Supports monitoring of COM Interfaces
When an API call fails, API Monitor can call an appropriate error function to retrieve additional information about the error.
API Monitor lets you capture and view the call stack for each API call.
The GUI is completely written and provides a number of useful features with pre-defined or custom layout options.
The Running Processes window displays a list of running processes and services that can be hooked.
Monitoring Windows Services
Creating definitions for any DLL.
The Hooked Processes window displays processes that were previously hooked or are currently being monitored.
The program can also be used to sniff SSL-encrypted traffic from Internet Explorer or Firefox, to check email content for further investigation, and to find critical vulnerabilities in the operating system or in applications.