hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

📦 Uses library: PE-sieve (the DLL version).

📖 Read Wiki

Clone

Use recursive clone to get the repo together with all the submodules:

git clone --recursive https://github.com/hasherezade/hollows_hunter.git

Builds

Download the latest release, or read more.

Name		Name	Last commit message	Last commit date
Latest commit History 435 Commits
params_info		params_info
pe-sieve @ 78b6c93		pe-sieve @ 78b6c93
util		util
.appveyor.yml		.appveyor.yml
.gitmodules		.gitmodules
CMakeLists.txt		CMakeLists.txt
LICENSE		LICENSE
README.md		README.md
color_scheme.h		color_scheme.h
hh_params.cpp		hh_params.cpp
hh_params.h		hh_params.h
hh_report.cpp		hh_report.cpp
hh_report.h		hh_report.h
hh_scanner.cpp		hh_scanner.cpp
hh_scanner.h		hh_scanner.h
main.cpp		main.cpp
mingw_build.sh		mingw_build.sh
term_util.cpp		term_util.cpp
term_util.h		term_util.h

License

faraoman/hollows_hunter

Folders and files

Latest commit

History

Repository files navigation

hollows_hunter

Clone

Builds

About

Resources

License

Stars

Watchers

Forks

Languages