There are other tools for Windows that provide a similar sort of functionality to NtTrace.
Here is a short list of some such, with some personal views of their advantages and disadvantages.
Note that Cygwin provides Unix-like strace functionality, but only for Cygwin binaries.
Strace for NT from BindView
BindView was purchased by Symantec; it can be found on the archive.org web site
(Thanks to Yong Huang for this link)
- - Installs a device driver, so you must be an administrator
- - Must reboot to uninstall
- + Comes with source
http://www.bindview.com/Services/RAZOR/Utilities/Windows/strace_readme.cfm
Strace for Windows from Dr. Memory
Traces a target application from its entry point.
- + also debugs child processes
- + Comes with source
http://www.drmemory.org/strace_for_windows.html
StraceNT from IntellectualHeaven
- Traces Win32 calls rather than the native API. This may be better or worse :-)
- - No unpacking of arguments
- + Source code (under a BSD-like license)
- + Both command line and GUI interface
http://www.intellectualheaven.com/default.asp?BH=projects&H=strace.htm
Api Monitor from rohitab
- - No source code
- + Allows additional DLLs to be traced
http://www.rohitab.com/
Apimon from Microsoft
- Traces Win32 calls rather than the native API. This may be better or worse :-)
- - No source code
- - No unpacking of arguments
- - Sometimes unreliable - problems with apidll.dll missing/uninstalled
ApiMon is supplied as one of the Windows Support Tools, various versions of which exist.
For example:
Windows XP Service Pack 2 Support Tools
KaKeeware Application Monitor
KaKeeware Application Monitor is a very small API monitor that allows the user to monitor the APIs called by the given application.
KAM supports 2378 different APIs as of Jan 2007.
- - This program is FREEWARE only for non-commercial use.
- - No source code.
http://www.kakeeware.com/i_kam.php
ApiMonitor
Display Win32 API calls made by applications.
- - Not free software.
- - No source code.
http://www.apimonitor.com/
Api Spy for Windows
Link was broken, Feb 2012
It allows you to examine any known API function's calls that are resolved during the program load time and are given by APIS32.
- - Not free software.
- - No source code.
http://www.matcode.com/apis32.htm
Last update: 2012-03-18 00:52:43 +0000 (Sun, 18 Mar 2012)