Reflecting on 16 Years of Work on Adversarial Interoperability
There has been a recent burst of blog posts about adversarial interoperability: Dodging Bullets on the
SpyStudio is the most advanced API monitor, that allows you to break the Operating System’s code execution, intercept and analyze any Win32 API call in real time. SpyStudio shows and interprets calls, displaying the results in a structured way which is easy for any IT professional to understand. SpyStudio can show registry keys and files that an application uses, COM objects and Windows the application has created, and errors and exceptions. When tracking down an application error, SpyStudio can compare a trace of a working application with the trace of the application which has issues. SpyStudio shows the differences in the registry and file system operations, COM object and Windows creations, and the rest of the events. To troubleshoot a virtual application you can compare the virtual application’s trace with the base trace. Using this feature, you can see what is generating the issue. Nektra’s SpyStudio simplifies application virtualization packaging for VMware ThinApp and Symantec Workspace Virtualization. It includes advanced features for application harvesting, and troubleshooting. It is able to package applications with or without installation media in ThinApp environment. SpyStudio is the user-mode Procmon complement. Looking for application errors with kernel-mode traces is tedious, and it is very difficult to see the final outcome of a user-mode call. With kernel-mode tools, you get a lot of noise that the application does not see, since a single user-mode call generates lots of kernel-mode events that are not important from the application’s perspective. Most application errors are generated by failed user-mode calls which expect a different state of some resources: registry keys and values, files, pipes, services and printers. SpyStudio is also able to read Process Monitor logs and show them in a user friendly interface. It shows registry operations in tree form like Regedit and displays errors in red. File operations are also displayed in tree form. SpyStudio can now troubleshoot .NET applications: it logs exceptions, assembly loads, object creation and much more. SpyStudio is also being used in other IT sectors such as the cybersecurity field. The books Malware Forensics: Investigating and Analyzing Malicious Code and Malware Forensics Field Guide for Windows Systems discuss one way SpyStudio can be used to fight malware. SpyStudio is free for any use. You can se see our SpyStudio QuickStart Guide to learn how to start using SpyStudio. For those who need a more specialized solution or a tailored version of SpyStudio we offer our System Software Development Services and Data Loss Prevention Solution Development. Please feel free to Contact us directly. You can see the complete changelog here. You can read SpyStudio Wiki for technical details which includes a QuickStart Guide to learn how to start using SpyStudio. If you have any other question or you want to give us your feedback contact us. SpyStudio simplifies the packaging progress incresing your team’s productivity. Unlike other technologies, SpyStudio doesn’t require to execute the application installer making the whole process faster and easier. SpyStudio is able to detect which components of the application are important to run in a virtual environment. When you create a package, SpyStudio selects by default most important files and keys based on a propietary algorithm developed in years of packaging experience. SpyStudio lets you modify the default selection checking or unchecking files and keys using a simple user interface. SpyStudio doesn’t need to reinstall the application or detect manually changes in its directory. SpyStudio detects changes and apply them to the application package. Using these application templates SpyStudio’s users can package complex applications using a simple wizard. SpyStudio is able to load information from a Symantec Workspace Virtualization layer and convert it to a ThinApp package, or the opposite. This feature reduces your dependency in each technology. There has been a recent burst of blog posts about adversarial interoperability: Dodging Bullets on the At Nektra we develop custom DLP solutions that can be run as individual components or Below, we compare different ways of intercepting network packets, and of filtering and analyzing their In June, 2015 there was an alarming bit of news when people over at the Our Data Loss Prevention Development team used Deviare to add watermarks to printed documents by intercepting XPS RemoteBridge is now open source and available on GitHub as are Deviare Hooking Engine and Deviare-InProc. SpyStudio API Monitor
SpyStudio Product Overview
Trace Application
Compare Traces
Application Virtualization
Application Packaging
Process Monitor Complement
.NET Troubleshoot
Malware Detection
Case Studies:
SpyStudio Downloads
Requirements:
Does not require:
SpyStudio Support
SpyStudio Versions Comparison Table
Feature / Version
Free
Basic Support
Trace Applications
Show summary events for registry, filesystem, COM, etc.
Use SpyStudio for Commercial tasks
Export registry to .REG file format
Troubleshoot applications comparing run logs
(see Compare Traces Example)
Export data to VMware ThinApp and Symantec Endpoint Virtualization
(see Creating VMware ThinApp Packages)
Response time
N/A
48 hours
Escalation of your issues to core developers
Use our templates library to create Office packages
Price
Free
Contact Us
SpyStudio Virtualization
Simplify Application Packaging Process
Smart Resource Selector
Powerful UI
Easy Updates
Application Templates
Technology Independent
Join the 300+ companies trusting Nektra
Latest Articles
Reflecting on 16 Years of Work on Adversarial Interoperability
Comparing Data Loss Prevention Products
Benchmarking Windows Packet-Capture Methods for Windows Driver Development
Is Google Spying on You? How to Quickly Craft an Ad Hoc Security Sandbox
Watermark Printed Documents in Windows
RemoteBridge Is Now Open Source: Inspect and Control Java and COM Objects Remotely in Windows