Reverse engineering tools to analyze the port dataflow

Olga Weis
Reverse engineering tools


  1. What is Reverse Engineering and How is it Used?
  2. Reverse Engineering of Serial and USB Devices
  3. Serial Port Monitor and USB Analyzer as Reverse Engineering Software Tools
  4. Features of Serial Port Monitor and USB Analyzer

What is Reverse Engineering and How is it Used?

Reverse engineering is a common practice in many industries. It is the process of duplicating an existing component or product without the help of documentation, computer models or drawings. It involves a number of steps where the reverse engineers attempt to identify the components of the product in question and understand the relationships between those components.

The process of reverse engineering a product often involves a “black box” approach, where various inputs and their related outputs are studied in an attempt to decipher their effect on its functionality. After understanding the basics of how the system works, the next step is to develop an abstract representation of the components and their interactions. Finally, this abstraction is used to physically create a representation of the original system, attempting to fully duplicate its functionality.

Reverse engineering is employed in many fields, such as consumer products, software engineering, chemicals, and electronics. The practice can be a way around patents and proprietary processes that a manufacturer or developer is reluctant to share with competitors. Successful reverse engineering can result in products that are brought to market quickly, without the need for creating designs from scratch.

There are a number of reasons that reverse engineering is used by manufacturers and companies. Here are some of them:

  • A product is no longer produced by the original manufacturer or the original manufacturer no longer exists but a product is required by a customer.
  • Inadequate documentation exists for the original product.
  • Analysis of both positive and negative features of a competitor's product. This can lead to competitive advantages as new designs can focus on weak points in the original product.
  • The original manufacturer may be unwilling to sell parts or charge an inflated price for important replacement parts.

Based on the industry or product you are attempting to reverse engineer, there may be the need to use specialized tools to understand the original item’s functionality in order to proceed.

Reverse Engineering of Serial and USB Devices

A case where specialized tools are instrumental in the ability to reverse engineer a product or component is when working with serial and USB ports and devices. Going back to the concept of the “black box”, the primary inputs and outputs of serial and USB devices are streams of data that need to be analyzed in order to determine the component’s function. Reverse engineering of USB ports and devices demands a way to capture these data streams.

Without adequate tools to assist in this analysis, the reverse engineer would have to spend inordinate amounts of time to enact their analysis on USB and serial device and port activity. To properly reverse engineer USB devices and equipment of this type you need reverse engineering software tools that can assist in monitoring and understanding the device’s input and output activity.

Serial Port Monitor and USB Analyzer as Reverse Engineering Software Tools

If you are attempting to reverse engineer serial or USB devices or applications that use those ports, then these two tools are great additions to your toolbox. Their full compatibility with both 32 and 64-bit version of Windows make them excellent Windows reverse engineering tools.

Using these software applications will allow you to monitor and capture all serial and USB data transmission, enabling you to study a device’s behavior thoroughly as you strive to reverse engineer it. You will find them indispensable assets in understanding the functionality of the device or process you are attempting to replicate.

Features of Serial Port Monitor and USB Analyzer

Two software applications that can be used as reverse engineering tools are Eltima Software’s Serial Port Monitor and USB Analyzer. These utilities are designed to provide many features to those technicians working with serial and USB devices and can be crucial in the process of serial and USB reverse engineering. Let’s take a look at the features that these applications offer.

Serial Port Monitor

Serial Port Monitor

Serial Port Monitor (SPM) is a full-featured utility for working with serial devices and ports. Among the features this tool provides are:

  • Analysis of serial port activity - SPM can connect to any COM port to begin sniffing immediately. This is true even for ports already in use by other applications. Data is captured in real time and presented in a variety of views to facilitate problem resolution. Your data can be sent to a file or the clipboard for further analysis at a later time.
  • Ability to monitor multiple ports in one session - data sent and received from these devices is recorded on a first-in-first-out basis for easier analysis.
  • Different data views - SPM offers 4 views that can be seen concurrently or on their own. Choose from table, line, dump, and terminal views using filtering and capture options to tailor the data presentation to your specifications.
  • Emulation of data transmission to serial devices - terminal mode allows you to send data to monitored ports in various formats as if it was sent by your monitored application.
  • Modbus RTU and Modbus ASCII are fully supported
  • Playback and Session Comparison - this feature allows you to send the same data to a port multiple times to monitor the differences. Session comparison can automatically highlight these differences for you and present the results.

USB Analyzer

USB Analyzer

USB Analyzer includes many features that are required to perform USB reverse engineering tasks. Some of the features that this tool offers are:

  • Monitor USB activity - real-time analysis of data from connected USB devices can be obtained as a raw hex dump or can be displayed as decoded and readable text.
  • Capture, save and export USB data - IRPs, URBs, IOCTLs, and data transferred through USB hubs is captured and can be saved in binary format or exported to plain text, CSV, XML or HTML.
  • Monitored packet display - concise packet information is displayed during monitoring and you can select any packet for more in-depth information.
  • Dynamic filtering - filtering options let you see just the data you want to monitor.
  • Automatically see corresponding IN/OUT packets - no need to manually switch between incoming and outgoing packets.