Allow filtering processes by a time of creation

hasherezade / hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

https://github.com/hasherezade/hollows_hunter/wiki

BSD 2-Clause "Simplified" License

2.03k stars 253 forks source link

Allow filtering processes by a time of creation #9

Closed hasherezade closed 3 years ago

hasherezade commented 3 years ago

Add the parameter that will allow for scanning only newly created processes (created a certain amount of milliseconds/seconds/minutes) before the scan was started).

- requested by abuse_ch

hasherezade commented 3 years ago

Added in the release v0.2.9.5