Volatility Framework plugin to detect various types of hooks as performed by banking Trojans

eset/volatility-browserhooks

volatility-browserhooks

Volatility-browserhooks is a Volatility Framework plugin to detect various types of hooks as performed by recent banking Trojans.

Usage

  1. Move browserhooks.py to volatility/plugins/malware in the Volatility Framework path.

  2. Run: python vol.py -f dump_from_compromised_windows_system.vmem --profile=Win7SP1x64 browserhooks (-D _store_mods)

Authors

  • Peter Kálnai <peter.kalnai @_eset.cz>

  • Michal Poslušný <michal.poslusny @_eset.cz>
