PE-sieve / Hollows Hunter — Detecting and dumping of potentially malicious implants

Discussion in 'other anti-malware software' started by mood, Jun 16, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,791
    PE-sieve
    Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches)
    Website
    Releases

    Hollows Hunter
    Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches)
    Website
    Releases

    FAQ
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,329
    Location:
    U.S.A. (South)
    Interesting command line tools there. Thanks @mood

     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,791
    There might be false positives. Reason:
     