Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hasherezade/hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
https://github.com/hasherezade/hollows_hunter
anti-malware malware-analysis malware-detection memory-forensics pe-sieve
Last synced: 3 months ago
JSON representation
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
- Host: GitHub
- URL: https://github.com/hasherezade/hollows_hunter
- Owner: hasherezade
- License: bsd-2-clause
- Created: 2018-01-11T17:07:17.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2024-04-07T22:54:09.000Z (3 months ago)
- Last Synced: 2024-04-08T23:06:43.287Z (3 months ago)
- Topics: anti-malware, malware-analysis, malware-detection, memory-forensics, pe-sieve
- Language: C
- Homepage: https://github.com/hasherezade/hollows_hunter/wiki
- Size: 12.2 MB
- Stars: 1,866
- Watchers: 64
- Forks: 246
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- my-awesome-stars - hollows_hunter - memory patches). | hasherezade | 1701 | (C)
- awesome-threat-detection - hollows_hunter - Scans all running processes, recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (Tools)
- awesome-hacking-lists - hollows_hunter - Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (C (286))
- awesome-csirt - A process scanner detecting and dumping hollowed PE modules.
- Awesome-Threat-Detection - hollows_hunter - Scans all running processes, recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (Threat Detection and Hunting / Tools)
- awesome-stars - hasherezade/hollows_hunter - Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (malware-analysis)
- awesome-csirt - A process scanner detecting and dumping hollowed PE modules.
- repo-2396-awesome-threat-detection - hollows_hunter - Scans all running processes, recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (Threat Detection and Hunting / Tools)
- awesome-stars - hasherezade/hollows_hunter - Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (C)
- awesome-hacking-lists - hollows_hunter - Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (C)
- repo-2430-awesome-threat-detection - hollows_hunter - Scans all running processes, recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (Threat Detection and Hunting / Tools)
- awesome-cyber-security - **398**星 - memory patches). (<a id="132036452bfacf61471e3ea0b7bf7a55"></a>工具 / <a id="de63a029bda6a7e429af272f291bb769"></a>未分类-Scanner)
- awesome-cyber-security - **385**星 - memory patches). (<a id="8f92ead9997a4b68d06a9acf9b01ef63"></a>扫描器&&安全扫描&&App扫描&&漏洞扫描 / <a id="de63a029bda6a7e429af272f291bb769"></a>未分类-Scanner)
- awesome-hacking-lists - hasherezade/hollows_hunter - Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). (C)
README
# hollows_hunter
[](https://ci.appveyor.com/project/hasherezade/hollows-hunter)
[](https://app.codacy.com/gh/hasherezade/hollows_hunter/dashboard?branch=master)
[](https://github.com/hasherezade/hollows_hunter/commits)
[](https://github.com/hasherezade/hollows_hunter/commits)
[](https://github.com/hasherezade/hollows_hunter/releases)
[](https://github.com/hasherezade/hollows_hunter/releases)
[](https://github.com/hasherezade/hollows_hunter/releases)
[](https://github.com/hasherezade/hollows_hunter/releases)
[](https://github.com/hasherezade/hollows_hunter/blob/master/LICENSE)
[](https://github.com/hasherezade/hollows_hunter)
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
📦 Uses: [PE-sieve](https://github.com/hasherezade/pe-sieve.git) (the [library version](https://github.com/hasherezade/pe-sieve/wiki/2.-How-to-build)).
❓ [PE-sieve FAQ - Frequently Asked Questions](https://github.com/hasherezade/pe-sieve/wiki/1.-FAQ)
📖 [Read Wiki](https://github.com/hasherezade/hollows_hunter/wiki)
## Clone
Use recursive clone to get the repo together with all the submodules:
```console
git clone --recursive https://github.com/hasherezade/hollows_hunter.git
```
## Builds
Download the latest [release](https://github.com/hasherezade/hollows_hunter/releases), or [read more](https://github.com/hasherezade/hollows_hunter/wiki#download).
 Available also via [Chocolatey](https://community.chocolatey.org/packages/hollowshunter)