hollows_hunter

A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.

hollows_hunter Description

hollows_hunter is a process scanning tool that analyzes all running processes on a system to identify potentially malicious implants and modifications. The tool detects various types of malicious activities including:

- Replaced or implanted PE (Portable Executable) files
- Shellcode injections in process memory
- API hooks and function redirections
- In-memory patches and modifications

Built on the PE-sieve library, hollows_hunter provides automated scanning capabilities to identify processes that have been compromised or modified by malware. The tool can dump detected malicious implants for further analysis.

The scanner operates by examining process memory structures and comparing them against expected patterns to identify anomalies that may indicate malicious activity. It supports recursive cloning for development and is available through multiple distribution channels including direct releases and package managers like Chocolatey.

hollows_hunter FAQ

hollows_hunter is a process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes. It is a Security Operations solution designed to help security teams with PE files, shellcode, and memory forensics.

ALTERNATIVES

Joe Sandbox DEC

Plugin that decompiles malware PE files into readable C code using hybrid analysis.

WindowsSCOPE

A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.

CAPA

CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.

IRTriage

Automated collection tool for incident response triage in Windows systems.

capa

Capa is a malware analysis tool that detects capabilities in executable files by analyzing PE, ELF, .NET modules, shellcode, and sandbox reports to identify potential malicious behaviors with ATT&CK framework mapping.
