There are other tools for Windows that provide a similar sort of functionality to NtTrace.
Here is a short list of some such, with some personal views of their advantages and disadvantages.
Note that Cygwin provides Unix-like strace functionality, but only for Cygwin binaries.
Strace for NT from BindView
- - Installs a device driver, so must be an administrator
- - Must reboot to uninstall
- + Comes with source
http://www.bindview.com/Services/RAZOR/Utilities/Windows/strace_readme.cfm
StraceNT from IntellectualHeaven
- Traces Win32 calls rather than the native API. This may be better or worse :-)
- - No source code
- - No unpacking of arguments
- + Both command line and GUI interface
http://www.intellectualheaven.com/default.asp?BH=projects&H=strace.htm
Apimon from Microsoft
- Traces Win32 calls rather than the native API. This may be better or worse :-)
- - No source code
- - No unpacking of arguments
- - Sometimes unreliable - problems with apidll.dll missing/uninstalled
ApiMon is supplied as one of the Windows Support Tools, various versions of which exist.
For example:
Windows XP Service Pack 2 Support Tools
KaKeeware Application Monitor
KaKeeware Application Monitor is a very small API monitor that allows the user to monitor the APIs called by the given application.
KAM supports 2378 different APIs as of Jan 2007.
- - This program is FREEWARE only for non-commercial use.
- - No source code.
http://www.kakeeware.com/i_kam.php
ApiMonitor
Display Win32 API calls made by applications.
- - Not free software.
- - No source code.
http://www.apimonitor.com/
Api Spy for Windows
It allows you to examine any known API function`s calls that are resolved during the program load time and are given by APIS32.
- - Not free software.
- - No source code.
http://www.matcode.com/apis32.htm
Last update: $Date: 2007/01/20 23:42:24 $