Giters

hasherezade / hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Home Page:https://github.com/hasherezade/hollows_hunter/wiki

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

anti-malwaremalware-analysismalware-detectionmemory-forensicspe-sieve

hollows_hunter

Build status Codacy Badge Commit activity Last Commit

GitHub release GitHub release date Github All Releases Github Latest Release

License Platform Badge

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

📦 Uses: PE-sieve (the library version).

PE-sieve FAQ - Frequently Asked Questions

📖 Read Wiki

Clone

Use recursive clone to get the repo together with all the submodules:

git clone --recursive https://github.com/hasherezade/hollows_hunter.git

Builds

Download the latest release, or read more.

Available also via Chocolatey

About

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

https://github.com/hasherezade/hollows_hunter/wiki

anti-malwaremalware-analysismalware-detectionmemory-forensicspe-sieve

License:BSD 2-Clause "Simplified" License

Languages

Language:C 60.8%Language:C++ 36.9%Language:CMake 2.2%Language:Shell 0.1%