hollows_hunter is a process scanner that detects and dumps hollowed PE modules. It uses PE-sieve (DLL version). PE-sieve is an open source tool based on libpeconv. It scans a given process, searching for manually loaded or modified modules. When one is found, it dumps the modified/suspicious PE along with a report in JSON format detailing the indicator found.
+ Visual C++
Use and Download:
git clone --recursive https://github.com/hasherezade/hollows_hunter.git
Open Visual C++ 2017 x86/x64 Native Tools Command Prompt
At the developer command prompt, enter cl /EHsc main.cpp to compile your program.
Download stable here: