hollows_hunter

SIEM & Threat Detection

A command‑line tool that scans and dumps potentially malicious in‑memory implants using a passive memory scanner based on PE‑sieve.

Track releases GitHub Website

C Latest v0.4.1.1 · 8mo ago Security brief →

Features

Scans processes for replaced/injected PEs, shellcodes, hooks and in‑memory patches
Select targets by PID list, name list or creation time relative to execution
Supports continuous scanning via `/loop` argument
Can run as an ETW listener (64‑bit only) for real‑time monitoring

Recent releases

View all 1 releases →

v0.4.1.1 Bug fix 8mo

Security fixes

DLL hijacking protection

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

S

O

N

D

J

F

M

A

M

J

Cadence 0.0 / wk

Last release 263d

Tracked 1

Security

Full profile →

Security score 6.5/10

OpenSSF —

Open CVEs 0

SBOM Active maintainer

Community

GitHub stars 2,358

Forks 290

Open issues 2

Open PRs 0

Stars/wk velocity 0.0

About

Stars

2,358

Forks

290

Languages

C C++ CMake

View on GitHub Documentation

Install & Platforms

Install via

binary chocolatey

Platforms

windows

Similar tools

grisuno/LazyOwn

Tanstack Compromise Checker

santhsecurity/keyhog

grype

About

Stars

2,358

Forks

290

Languages

C C++ CMake

View on GitHub Documentation

Install & Platforms

Install via

binary chocolatey

Platforms

windows

Similar tools

grisuno/LazyOwn

Tanstack Compromise Checker

santhsecurity/keyhog

grype

Beta — feedback welcome: [email protected]