SocketSpy 4.28 is a Protocol Analyzer product from ircdb.org, get 4 Stars SoftSea Rating, SocketSpy is multipurpose utility initially created for trapping Winsock, SNMPAPI, ICMP calls and network TCP/UDP traffic of already active or new processes. In other words you may investigate already running process or start a new one in Socket Spy debugging environment. SocketSpy can show File I/O operations (KERNEL32.DLL) and Windows Registry (ADVAPI.DLL) operations of tested process. For example, you may capture all network and/or file input/output traffic of IExplore, OutLook Express and other programs. It is possible to capture only file I/O, network I/O, Windows Registry access separately. The utility may be used for trojan and virus finding, high level network protocols study or program reverse engineering. In short form results are presented in as Rich Edit text in output window and the full information may be saved as log file.
SocketSpy is based on Win32 Debug functions, but if tested process wants to know if debugger present, SocketSpy may block this request and tested process will receive an answer "No". Also you may read and write to tested process memory, find binary sequences in memory of tested process, set additional break points on system function or make disassembler of executable code or specific system function. The license of this networking software is Free Trial Software, the price is $34.99, you can free download and get a free trial before you buy. If you want to get a full or nolimited version of SocketSpy, you can buy this networking software.