Skip to main content

Foundstone .NET Mon

For the Impatient

Download Binaries -

Download User Guide -

For the Less Impatient

Flow tracing is an useful part of application debugging and analysis.
For every test case written to check the reliability of the code, the
ability to follow the execution flow and check for code coverage seems
to be of immense value to developers, debuggers, and testers. Foundstone
introduces .NETMon(tm) to equip developers and debuggers with a tool
which will allow them do organized flow tracing of applications and to
identify security loopholes.

The .NET Common Language Runtime (CLR) provides many features for better
application development. Some of these features include a comprehensive
class library, interoperability with native code, and cross language
exception handling. Another, not so widely known, feature of the .NET
framework is the .NET profiling API. This API is capable of providing a
substantial amount of runtime information about any .NET application.

The CLR is the heart for any .NET application execution and provides
place holders to insert hooks to study the details of the program at
runtime. The hooks are capable of providing very detailed information
about the system level working of a process.

The information from these hooks can be used to build tools capable of
analyzing code timings, exception handling, and memory usage.
Foundstone's interest in the profiling API was to develop a flow
analysis tool that gives auditors the capability of following the flow
of function calls to better understand the code execution and ferret out
the vulnerabilities that may exist in the application.

The profiling APIs do not require any code additions or modification
which eliminates any changes needed to profile an application. Its event
driven design allows the definition of the events that should be sent to
the 'listener' application. With the current version, there is some
performance impact because the events are being monitored by the
FunctionEnter and FunctionLeave hooks which are fired for each Managed
Method executed by the CLR. This issue will be addressed in the next
version of .NETMon which will resolve the function's signature (return
type, namespace, method name and parameters) asynchronously.
Post a Comment

Popular posts from this blog

Compact and Repair an Access Database. Add Ref. to : AdoDb, Jro

< ?xml version="1.0" encoding="utf-8" ?>

using ADODB;
using JRO;
using System.Configuration;
using System.Data.OleDb;
using System.IO;

public class CompactAndRepairAccessDb : System.Windows.Forms.Form
private System.ComponentModel.Container components = null;
private JRO.JetEngine jro;
private System.Windows.Forms.Button btnConfirm;
private System.Windows.Forms.TextBox tbxOriginalDbSize;
private System.Windows.Forms.TextBox tbxCompactedDbSize;
private OleDbConnection cnn;

public CompactAndRepairAccessDb() {

FileInfo fi = new FileInfo( ConfigurationSettings.AppSettings["PathOriginal"] );
int s = Convert.ToInt32( fi.Length/1000 );
this.tbxOriginalDbSize.Text = s.ToString() + " kb";

private void btnConfirm_Click(object sender, System.EventArgs e) {
// First close all instances of the database

VBScript to Automate login into gmail

Dim IE
Dim crtScreen
Set IE = CreateObject("InternetExplorer.Application")
USERNAME = "saudaziz"

With IE
.navigate ""
End With

'wait a while until IE as finished to load
Do while IE.busy
set WshShell = WScript.CreateObject("WScript.Shell")
Do While UCase(IE.Document.readyState) <> "COMPLETE"
WScript.Sleep 100
set WshShell=nothing
IE.document.all.Item("Email").value = USERNAME
IE.document.all.Item("pASSWD").value =pASSWORD
Set IE = Nothing