hollows_hunter
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
hollows_hunter
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
hollows_hunter Description
hollows_hunter is a process scanning tool that analyzes all running processes on a system to identify potentially malicious implants and modifications. The tool detects various types of malicious activities including: - Replaced or implanted PE (Portable Executable) files - Shellcode injections in process memory - API hooks and function redirections - In-memory patches and modifications Built on the PE-sieve library, hollows_hunter provides automated scanning capabilities to identify processes that have been compromised or modified by malware. The tool can dump detected malicious implants for further analysis. The scanner operates by examining process memory structures and comparing them against expected patterns to identify anomalies that may indicate malicious activity. It supports recursive cloning for development and is available through multiple distribution channels including direct releases and package managers like Chocolatey.
hollows_hunter FAQ
Common questions about hollows_hunter including features, pricing, alternatives, and user reviews.
hollows_hunter is A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes. It is a Security Operations solution designed to help security teams with Pe File, Shellcode, Memory Forensics.
