
hollows_hunter

Free

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Uses: PE-sieve (the library version).

PE-sieve FAQ - Frequently Asked Questions

Read Wiki

Clone

Use recursive clone to get the repo together with all the submodules:

git clone --recursive https://github.com/hasherezade/hollows_hunter.git

Builds

Download the latest release, or read more. Available also via Chocolatey.


ALTERNATIVES

A tool designed to handle archive file data and augment Yara's capabilities.

A simple JWT token brute force cracker

Studying Android malware behaviors through Information Flow monitoring techniques.

A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.

A tool for reading Portable Executable (PE) files with detailed information about the file structure.

A tool that generates pseudo-malicious files to trigger YARA rules.

A framework for reverse engineering Flutter apps with modified Flutter library for dynamic analysis and traffic monitoring.

A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.