CDA (previously known as Function Hacker) is a dynamic code analysis process instrumentation tool for x86 targets that is easy to use. It records both inter-modular and intra-modular calls, allows for easy filtering of recorded data, and allows visualization of the resulting data. It is particularly useful for quickly analyzing the observed functionality of malware and locating difficult to find code regions.
CDA works on a start/stop recording approach. After attaching to the target process, clicking on Start Recording results in recording all the function calls until Stop Recording is clicked.
CDA v1.0 runs on both Windows x86 and x64, but can only attach to processes running in 32-bit mode.