radare2
hollows_hunter
Our great sponsors
radare2 | hollows_hunter | |
---|---|---|
1 | 4 | |
15,238 | 1,874 | |
- | - | |
9.9 | 7.5 | |
over 2 years ago | 21 days ago | |
C | C | |
GNU Lesser General Public License v3.0 only | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
radare2
-
Awesome CTF : Top Learning Resource Labs
radare2 - A portable reversing framework.
hollows_hunter
- Rileva hollow code injection in windows
-
Is it possible a spyware can hide it's processes in task manager details and in services tab?
To detect such modules we can use https://github.com/hasherezade/hollows_hunter
- Hollows Hunter – Scans all running processes
-
PE-Sieve and Hollows Hunter v0.3.3
Release v0.3.3 · hasherezade/hollows_hunter · GitHub
What are some alternatives?
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
mal_unpack - Dynamic unpacker based on PE-sieve
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
Pentest-Notes - Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
volatility - An advanced memory forensics framework
pe-sieve - Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
pwntools - CTF framework and exploit development library
hem-hashes - Hiew External Module (HEM) to calculate CRC-32, MD5, SHA-1, and SHA-256 hashes of a given file/block
radare2-book - Radare2 official book
snappy-fox - 🦀🦊 Snappy (Firefox morgue cache format) files de-compressor, works even if they're corrupted
pev - The PE file analysis toolkit