Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/eset/volatility-browserhooks
Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
malware-detection volatility volatility-framework volatility-plugins
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/eset/volatility-browserhooks
- Owner: eset
- License: bsd-2-clause
- Created: 2017-10-03T14:23:54.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2018-12-14T11:32:54.000Z (about 6 years ago)
- Last Synced: 2024-11-01T12:36:04.507Z (3 months ago)
- Topics: malware-detection, volatility, volatility-framework, volatility-plugins
- Language: Python
- Size: 29.3 KB
- Stars: 40
- Watchers: 14
- Forks: 17
- Open Issues: 0
Metadata Files:
- Readme: README.adoc
- License: LICENSE
Awesome Lists containing this project
- awesome-volatility - browserhooks - Plugin to detect various types of hooks as performed by banking Trojans (Volatility 2 / Plugins)
README
volatility-browserhooks
=======================

Volatility-browserhooks is a http://www.volatilityfoundation.org[Volatility
Framework] plugin to detect various types of hooks as performed by recent
banking Trojans.

Usage
-----

1. Move `browserhooks.py` to `volatility/plugins/malware` in the
Volatility Framework path.
2. Run: `python vol.py -f dump_from_compromised_windows_system.vmem
--profile=Win7SP1x64 browserhooks (-D _store_mods)`

Authors
-------

- Peter Kálnai
- Michal Poslušný