What's a good, free serial port monitor for reverse-engineering?
I'm reverse-engineering a serial protocol and getting frustrated by bad tools. Does anyone know of a good, free tool for logging data to/from serial ports on Windows?
- Must be free
- Must not take control of the port (i.e. must hook the file APIs or the kernel rather than trying to open the device)
- Must have some sort of filtering features
- Writes either human-readable or binary logs, preferably in an easy to parse format
Any ideas? Portmon works, but its logs are difficult to work with and its filters are effectively useless; I've also tried a few commercial tools and nothing seems to fit the bill.
Portmon from sysinternals (now MSFT) is probably the best monitor.
I haven't found a good free tool that will emulate a port and record/replay comms. The commercial ones were expensive and either so limited or so complex if you want to respond to commands that I ended up using expect and python on a second machine.
I hear a lot of good things about com0com, which is a software port emulator. You can "connect" a physical serial port through it, so that your software uses the (monitored) virtual port, and forwards all traffic to/from a physical port. I haven't used it myself, but I've seen it recommended here on SO a lot.
I've been down this road and eventually opted for a hardware data scope that does non-instrusive in-line monitoring. The software solutions that I tried didn't work for me. If you had a spare PC you could probably build one, albeit rather bulky. This software data scope may work, as might this, but I haven't tried either.
I'd get a logic analyzer and wire it up to the serial port. I think there are probably only two lines you need (Tx/Rx), so there should be plenty of cheap logic analyzers available. You don't have a clock line handy though, so that could get tricky.
Oops, can't comment yet (!) but re: Nick and logic analyser, beware: RS232 signal levels not typically Logic Analyser compatible unless you get/make a special serial probe. A 'proper' RS232/Serial port can use +/-12v swings (on all signals) and sometimes more. A laptop sometimes uses 0-5v swings (and often won't work with real serial interfaces) so could work with a vbasic 'ttl-level' LA interface.