Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

hollows_hunter – A process scanner detecting and dump hollowed PE modules.

published on 2018-04-18 03:19:00 UTC by xcode@outlook.hu (Security List Network™ worldwide Team.)
Content:

hollows_hunter is a process scanner detecting and dumping hollowed PE modules. it Uses PE-sieve (DLL version): PE-sieve is n open source tool based on libpeconv. It scans a given process, searching for manually loaded or modified modules. When found, it dumps the modified/suspicious PE along with a report in JSON format, detailing about the found indicator.

hollows_hunter v0.1

Dependencies:
+ Visual C++

Use and Download:

git clone --recursive https://github.com/hasherezade/hollows_hunter.git
cd hollows_hunter
Open Visual C++ 2017 x86/x64 Native Tools Command Prompt
At the developer command prompt, enter cl /EHsc main.cpp to compile your program.

Download stable here:
https://github.com/hasherezade/hollows_hunter/releases

Source: https://github.com/hasherezade

Article: hollows_hunter – A process scanner detecting and dump hollowed PE modules. - published over 6 years ago.

https://seclist.us/hollows_hunter-a-process-scanner-detecting-and-dump-hollowed-pe-modules.html   
Published: 2018 04 18 03:19:00
Received: 2022 07 15 03:31:12
Feed: Security List Network™
Source: Security List Network™
Category: News
Topic: Security Tooling
Views: 2

Custom HTML Block

Click to Open Code Editor