hollows_hunter
Process analyzer
Analyzes running processes to detect and dump malicious code
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
2k stars
66 watching
257 forks
Language: C
last commit: 4 months ago
Linked from 1 awesome list
anti-malwaremalware-analysismalware-detectionmemory-forensicspe-sieve
0x4d31/awesome-threat-detectionRelated projects:
| Repository | Description | Stars |
|---|---|---|
 h0mbre/busychild | A utility that analyzes and displays detailed information about processes and their relationships with other processes. | 24 |
 monnappa22/hollowfind | A Volatility plugin to detect hollowing techniques used in process analysis | 131 |
| hasherezade/pe-sieve | A tool for detecting and analyzing malicious code in executables | 3,157 |
| hasherezade/transacted_hollowing | An implementation of a memory-based PE injection technique for executing payloads in a target process | 521 |
| hasherezade/process_doppelganging | An implementation of a malware injection technique using PE injection to create and control malicious processes | 581 |
 glmcdona/process-dump | A tool to extract and analyze malware code from running Windows processes. | 1,662 |
 rieck/malheur | A tool for automatically analyzing malware behavior and identifying patterns and classes. | 369 |
 cyb3rmx/qu1cksc0pe | An all-in-one malware analysis tool that provides detailed information about suspicious files and executables. | 1,348 |
 telekom-security/malware_analysis | An analysis repository providing scripts, signatures, and IOCs for detecting and analyzing malware. | 110 |
 tencent/habomalhunter | Automates malware analysis on Linux systems to extract and analyze static and dynamic features | 734 |
 securityjoes/askjoe | A tool that utilizes OpenAI to assist researchers in reverse engineering malware using Ghidra | 121 |
 usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
 cristianzsh/freki | A platform for analyzing malware and performing reverse engineering on binary files | 424 |
 justicerage/manalyze | Analyzes PE files for security vulnerabilities and suspicious behavior | 1,024 |
 flatt-security/shisho | A tool that analyzes code for security vulnerabilities and provides feedback to developers | 369 |