DLL and PowerShell script to assist with finding DLL hijacks
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
C#-based tool which automates the process of discovering and exploiting DLL hijacks in target binaries. The hijacked paths discovered can later be weaponized during Red Team operations to evade EDRs.
DLLhijack winmm.dll
SuperDllHijack: A general DLL hijack technique; there is no need to manually export the same function interface as the DLL, so easy!
This toolkit detects applications vulnerable to DLL hijacking (released in 2010)
A simple Go-based hijacking method
Analyzes a specified application for hijackable DLLs