hollows_hunter
Process analyzer
Analyzes running processes to detect and dump malicious code
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
2k stars
66 watching
255 forks
Language: C
last commit: 18 days ago
Linked from 1 awesome list
Topics: anti-malware, malware-analysis, malware-detection, memory-forensics, pe-sieve
Related projects:
| Repository | Description | Stars |
|---|---|---|
h0mbre/busychild | A utility that analyzes and displays detailed information about processes and their relationships with other processes. | 24 |
monnappa22/hollowfind | A Volatility plugin to detect hollowing techniques used in process analysis | 131 |
hasherezade/pe-sieve | A tool for detecting and analyzing malicious code in executables | 3,103 |
hasherezade/transacted_hollowing | An implementation of a memory-based PE injection technique for executing payloads in a target process | 521 |
hasherezade/process_doppelganging | An implementation of a malware injection technique using PE injection to create and control malicious processes | 580 |
glmcdona/process-dump | A tool to extract and analyze malware code from running Windows processes. | 1,651 |
rieck/malheur | A tool for automatically analyzing malware behavior and identifying patterns and classes. | 368 |
cyb3rmx/qu1cksc0pe | A comprehensive tool for analyzing suspicious files and detecting malware characteristics. | 1,320 |
telekom-security/malware_analysis | An analysis repository providing scripts, signatures, and IOCs for detecting and analyzing malware. | 110 |
tencent/habomalhunter | Automates malware analysis on Linux systems to extract and analyze static and dynamic features | 732 |
securityjoes/askjoe | An OpenAI-powered Ghidra script to analyze malware by providing explanations and insights | 121 |
usualsuspect/malscan | A tool to detect and analyze malicious code in process memory by executing Python scripts on YARA matches | 12 |
cristianzsh/freki | A platform for analyzing malware and performing reverse engineering on binary files | 422 |
justicerage/manalyze | Analyzes PE files for security vulnerabilities and suspicious behavior | 1,018 |
flatt-security/shisho | A tool that analyzes code for security vulnerabilities and provides feedback to developers | 371 |