Giters

BorjaMerino / hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Home Page:https://github.com/hasherezade/pe-sieve/wiki

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

hollows_hunter

Build status License GitHub release Github All Releases

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Uses PE-sieve (DLL version): https://github.com/hasherezade/pe-sieve.git

Clone:

Use recursive clone to get the repo together with all the submodules:

git clone --recursive https://github.com/hasherezade/hollows_hunter.git

About

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

https://github.com/hasherezade/pe-sieve/wiki

License:BSD 2-Clause "Simplified" License

Languages

Language:C 77.7%Language:C++ 21.3%Language:CMake 1.0%