When utilizing these powerful tools, or taking advantage of working with others, IT Asset Management tools and programs can help in your networked collaboration.


The WinIo library allows 32-bit Windows applications to directly access I/O ports and physical memory. It bypasses Windows protection mechanisms by using a combination of a kernel-mode device driver and several low-level programming techniques.


ProcSpy32 is a Visual Basic utility which monitors the execution and termination of processes under Windows 9x. It uses an OCX component and a device driver that work in tandem to receive notifications from the system whenever a process is started or terminated. You are free to use the bundled ProcSpy OCX and its source code for any purpose.


NtDriverList is a user-mode console application which takes advantage of the undocumented NtQuerySystemInformation API to obtain a list of loaded drivers under Windows NT. Source code is included !


StickyApp32 is a tiny visual basic application which is resistant to termination attempts from the Windows NT task manager. It does this by establishing a hook on the OpenProcess API and modifying the return value of this function. Complete source code is included !


API spying utilities are the most powerful tools for exploring the internal structure of applications and operating systems. They provide tons of information and enable the user to explore the "guts" of the application under test. Unfortunately, most API spying utilities can monitor only one application at a time and also have the tendency to break apart when used with large pieces of code. APISpy32 is a different type of API interceptor which solves most of these problems. It monitors API calls made by ALL active Windows applications and logs the values of input parameters. This version works under Windows 9x/NT/2000 and ME.

Copyright © 1997-2010 Yariv Kaplan