|
![]() Your download link is at the very bottom of the page... always. |
Processed through Paypal No account required. Donate Bitcoin to this wallet: 1KkUMXvQ2ko3xcJkzitB7WYgoW6m79WFfm Donate Ethereum to this wallet: 0x40E56922F43637224935CDC35e2c96E0392A8505 Donate Litecoin to this wallet: LLYAFEyqjH69gkyCEpRjXNyedRCWrVChfL |
Files | ||||
File Name | Rating | Downloads | ||
![]() |
hollows_hunter v0.2.5 hollows_hunter v0.2.5 Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). Hollows Hunter allows you to scan your full system, searching for potentially malicious implants, and extract them for further analysis. It is an application based on PE-sieve (DLL version), so there is a big overlap of the features between those two. They have a similar command-line interface, but while PE-sieve is an engine dedicated to scanning a single process, Hollows Hunter offers many additional features and filters on the top of this base. More information about similarities and differences described here. Start by familiarizing yourself with PE-sieve by reading the PE-sieve's Wiki. This download is for the 64bit version. If you need the 32bit version, download here. Changes: v0.2.5 FEATURE Added dump reports (dump_report.json) Renamed scan report (from report.json to scan_report.json) Added parameter: /mignore <modules> - to exclude defined list of modules form the scan BUGFIX Fixed bug in libPeConv causing incomplete import recovery Added more patterns to recognize shellcodes Fixed false positive in path comparison (expand relative paths before comparing) Silence out logs in the quiet mode Click here to visit the author's website. |
![]() |
734 | Mar 09, 2020 HASHEREZADE ![]() |
Showing rows 1 to 1 of 1 | Showing Page 1 of 1 | 1 |
Copyright (c) 2020