hollows_hunter

Hollows Hunter is a command-line malware analysis tool based on the PE-sieve passive memory scanner. It scans running processes, or even the full system, to identify potentially malicious implants. The tool can recognize and dump suspicious artifacts such as replaced PEs, injected PEs, shellcode, hooks, and in-memory patches. Unlike PE-sieve’s more process-specific workflow, Hollows Hunter can select targets using broader criteria such as process IDs, process names, or creation time. This makes it useful for incident response, memory triage, and forensic investigation of suspicious Windows systems. Its purpose is defensive analysis, helping researchers extract suspicious memory artifacts for deeper review.

Features

Command-line memory scanning
Full-system or multi-process analysis
Detection of injected PE artifacts
Shellcode, hook, and patch recognition
Suspicious implant dumping
Incident response and malware triage

Project Samples

Project Activity

See All Activity >

License

BSD License

Follow hollows_hunter

hollows_hunter Web Site

Other Useful Business Software

Stop Cyber Threats with VM-Series Next-Gen Firewall on Azure

Native application identity and user-based security for your Azure cloud

Gain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.

Get a free trial

Rate This Project

User Reviews

Be the first to post a review of hollows_hunter!

Additional Project Details

Programming Language

Related Categories

C Command Line Tools

Registered

1 day ago

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Process Street

Process Street is an AI-powered compliance operations platform that automates complex workflows, enforces standards, and tracks audit data in real time. Teams use it to create structured SOPs, assign tasks, collect data, and monitor execution with intelligent oversight. From onboarding and...

See Software
Grafana Cloud

Grafana Labs delivers the leading AI-powered observability platform, built around Grafana—the world’s most widely adopted open source technology for dashboards and visualization. Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Observability Platforms, Grafana Labs supports more...

See Software
SurveyJS

SurveyJS is an embeddable, self-hosted, white-label form builder for teams building custom forms, surveys, questionnaires, and other data collection tools inside web applications. It runs entirely on the client and is fully compatible with all modern JavaScript frameworks, including React,...

See Software
GW Apps

GW Apps – Build Powerful Business Apps Without Code. GW Apps is a secure, cloud-based no-code platform that enables businesses to create custom applications and automate workflows without programming. Designed for both business and IT teams, GW Apps combines an intuitive drag-and-drop builder...

See Software
ManageEngine OpManager

OpManager is a network management tool geared to monitor your entire network. Ensure all devices operate at peak health, performance, and availability. The extensive network monitoring capabilities lets you track performance of switches, routers, LANs, WLCs, IP addresses, and...

See Software

Report inappropriate content

hollows_hunter

Recognizes and dumps a variety of potentially malicious implants

Get an email when there's a new version of hollows_hunter

Features

Project Samples

Project Activity

Categories

License

Follow hollows_hunter

User Reviews

Additional Project Details

Programming Language

Related Categories

Registered