Hollows_Hunter is a command-line application based on the passive memory scanner PE-sieve. Its main function is to identify and dump various types of potentially malicious implants, such as replaced/embedded PE, shellcodes, hooks, and patches in memory.
Advanced Process Selection: Unlike PE-sieve, which allows selecting processes only by PID (process identifier), Hollows Hunter offers the possibility to choose processes based on various criteria:
Complete Scanning: If no specific target is selected, the software scans all available processes in the system.
Continuous Scanning: Hollows Hunter can be configured to perform continuous memory scanning using the /loop argument or run as an ETW (Event Tracing for Windows) listener in /etw mode (64-bit version only).
With these features, Hollows Hunter becomes a powerful tool for identifying malicious implants in memory, making it essential for security analysis in Windows systems.
Version: 0.4.1
Size: 1.21 MB
License: Free
Language: English
Platform: Windows
File Type: EXE
SHA-256: 4d6a3a2f786ab06820758b815e184d5fbad5dfd5140c106a7c5c9589e50dbe99
Developer: hasherezade
Category: System/System Tools
Last Update: 02/11/2025Sandboxie
Install software and browse the web securely in an isolated
Grub2Win
Tool that facilitates the installation of multiple operating systems.
RegCool
Advanced registry editor that has many powerful features.
Monitorian
Utility for Windows that allows you to adjust the brightness of multiple monitors.
Don't Sleep
Utility that does not allow your computer to be turned off accidentally.
SoundVolumeView
Utility to view and change sound volume in Windows.