volatility-browserhooks
volatility-browserhooks copied to clipboard

Published 20 hours ago •

→

Metadata

Volatility Framework plugin to detect various types of hooks as performed by banking Trojans

Readme
Issues

volatility-browserhooks

Volatility-browserhooks is a http://www.volatilityfoundation.org[Volatility Framework] plugin to detect various types of hooks as performed by recent banking Trojans.

Usage

Move browserhooks.py to volatility/plugins/malware in the Volatilty Framework path.
Run: python vol.py -f dump_from_compromised_windows_system.vmem --profile=Win7SP1x64 browserhooks (-D _store_mods)

Authors

Peter Kálnai <peter.kalnai @_eset.cz>
Michal Poslušný <michal.poslusny @_eset.cz>

About

Volatility Framework plugin to detect various types of hooks as performed by banking Trojans

volatility

malware-detection

volatility-plugins

volatility-framework

39

Stars

17

Forks

Watchers

Owner

eset

← Metadata

39

Stars

17

Forks

Watchers

Owner

eset

Metadata

Volatility Framework plugin to detect various types of hooks as performed by banking Trojans

Back

volatility-browserhooks volatility-browserhooks copied to clipboard

Metadata

volatility-browserhooks

Usage

Authors

← Metadata

Owner

Metadata

volatility-browserhooks
volatility-browserhooks copied to clipboard