Home

Awesome

ImpulsiveDLLHijack

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during RedTeam Operations to evade EDR's.

1. Methodological Approach :

The tool basically acts on automating following stages performed for DLL Hijacking:

Discovery Methodology :

Exploitation Methodology :

Note: The "Entry Point not found" Error is been handled by the code programmatically no need to close the MsgBox manually :) # Rather this would crash the code further****

**These Confirmed DLL Hijackable paths can later be weaponized during a Red Team Engagement to load a Malicious DLL Implant via a legitimate executable (such as OneDrive,Firefox,MSEdge,"Bring your own LOLBINs" etc.) and bypass State of the art EDR's as most of them fail to detect DLL Hijacking as assessed by George Karantzas and Constantinos Patsakis as mentioned in there research paper: https://arxiv.org/abs/2108.10422

2. Prerequisites:

Note: i & ii prerequisites should be placed in the ImpulsiveDLLHijacks.exe's directory itself.

3. Usage:

usage

4. Examples:

first

Thankyou, Feedback would be greatly appreciated! - knight!