hollows_hunter
Pentest-Notes
hollows_hunter | Pentest-Notes | |
---|---|---|
4 | 1 | |
1,877 | 329 | |
- | - | |
8.3 | 1.8 | |
29 days ago | over 1 year ago | |
C | XSLT | |
BSD 2-clause "Simplified" License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
hollows_hunter
- Rileva hollow code injection in windows
-
Is it possible a spyware can hide it's processes in task manager details and in services tab?
To detect such modules we can use https://github.com/hasherezade/hollows_hunter
- Hollows Hunter – Scans all running processes
-
PE-Sieve and Hollows Hunter v0.3.3
Release v0.3.3 · hasherezade/hollows_hunter · GitHub
Pentest-Notes
What are some alternatives?
mal_unpack - Dynamic unpacker based on PE-sieve
mageni - Open-source vulnerability scanner
pe-sieve - Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
jwtXploiter - A tool to test security of json web token
radare2 - UNIX-like reverse engineering framework and command-line toolset [Moved to: https://github.com/radareorg/radare2]
dradis-ce - Dradis Framework: Collaboration and reporting for IT Security teams
hem-hashes - Hiew External Module (HEM) to calculate CRC-32, MD5, SHA-1, and SHA-256 hashes of a given file/block
Villain - Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
favirecon - Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
WhatWeb - Next generation web scanner
Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
faction - Pen Test Report Generation and Assessment Collaboration