Hollows Hunter is a command-line application based on the passive memory scanner PE-sieve. Its main function is to identify and dump various types of potentially malicious implants in memory, such as replaced/embedded PEs, shellcode, hooks, and patches.
Advanced Process Selection: Unlike PE-sieve, which allows selecting processes only by PID (process identifier), Hollows Hunter offers the possibility to choose processes based on various criteria:
Complete Scanning: If no specific target is selected, the software scans all available processes in the system.
Continuous Scanning: Hollows Hunter can be configured to perform continuous memory scanning using the /loop argument or run as an ETW (Event Tracing for Windows) listener in /etw mode (64-bit version only).
With these features, Hollows Hunter becomes a powerful tool for identifying malicious implants in memory, making it essential for security analysis on Windows systems.
Version: 0.4.1
Size: 1.21 MB
License: Free
Language: English
Platform: Windows
File Type: EXE
SHA-256: 4d6a3a2f786ab06820758b815e184d5fbad5dfd5140c106a7c5c9589e50dbe99
Developer: hasherezade
Category: System/System Tools
Updated: 02/11/2025