hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

📦 Uses: PE-sieve (the library version).

❓ PE-sieve FAQ - Frequently Asked Questions

📖 Read Wiki

Clone

Use recursive clone to get the repo together with all the submodules:

git clone --recursive https://github.com/hasherezade/hollows_hunter.git

Builds

Download the latest release, or read more.

Available also via Chocolatey

Name		Name	Last commit message	Last commit date
Latest commit History 752 Commits
.github/workflows		.github/workflows
krabsetw @ 6b3152d		krabsetw @ 6b3152d
logo		logo
paramkit @ fbead40		paramkit @ fbead40
params_info		params_info
pe-sieve @ 3053ac2		pe-sieve @ 3053ac2
util		util
.appveyor.yml		.appveyor.yml
.gitignore		.gitignore
.gitmodules		.gitmodules
CMakeLists.txt		CMakeLists.txt
Doxyfile		Doxyfile
LICENSE		LICENSE
README.md		README.md
etw_listener.cpp		etw_listener.cpp
etw_listener.h		etw_listener.h
etw_settings.cpp		etw_settings.cpp
etw_settings.h		etw_settings.h
hh_params.cpp		hh_params.cpp
hh_params.h		hh_params.h
hh_report.cpp		hh_report.cpp
hh_report.h		hh_report.h
hh_res.rc		hh_res.rc
hh_scanner.cpp		hh_scanner.cpp
hh_scanner.h		hh_scanner.h
hh_ver_short.h		hh_ver_short.h
main.cpp		main.cpp
mingw_build.sh		mingw_build.sh
resources.h		resources.h
resources.rc		resources.rc
term_util.cpp		term_util.cpp
term_util.h		term_util.h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

hollows_hunter

Clone

Builds

About

Releases

Packages

Languages

License

ezhangle/hollows_hunter

Folders and files

Latest commit

History

Repository files navigation

hollows_hunter

Clone

Builds

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages