Skip to content

eset/volatility-browserhooks

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 

Repository files navigation

volatility-browserhooks

Volatility-browserhooks is a Volatility Framework plugin to detect various types of hooks as performed by recent banking Trojans.

Usage

  1. Move browserhooks.py to volatility/plugins/malware in the Volatilty Framework path.

  2. Run: python vol.py -f dump_from_compromised_windows_system.vmem --profile=Win7SP1x64 browserhooks (-D _store_mods)

Authors

  • Peter Kálnai <peter.kalnai @_eset.cz>

  • Michal Poslušný <michal.poslusny @_eset.cz>

About

Volatility Framework plugin to detect various types of hooks as performed by banking Trojans

Topics

Resources

License

Stars

40 stars

Watchers

12 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages