SideloadFinder
SideloadFinder copied to clipboard

Published 20 hours ago •

→

Metadata

frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR'...

Readme
Issues

Logo

SideloadFinder

Description

A simple script which automates the process of discovering and exploiting DLL Hijacks in target binaries by frida hook, icon created by ERNIE Bot.

Features

Dynamic DLL Hijacks(use like LoadLibrary)
Static DLL Hijacks(DIRECTORY_ENTRY_IMPORT)

Usage:

sideload_finder.py  -i  testcase -o out.csv

{'type': 'send', 'payload': {'payload_type': 'dll', 'dll': 'wsc.dll', 'flag': 0}}
{'type': 'send', 'payload': {'payload_type': 'proc', 'proc': '_run@4'}}
ae90c0a08698d698182043ede236e528.exe,wsc.dll,0x0,_run@4

output

Reference

https://github.com/knight0x07/ImpulsiveDLLHijack

About

frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR'...

redteam

dll-hijacking

bypass-antivirus

edr-bypass

bypass-edr

dll-sideloading

45

Stars

5

Forks

Watchers

Owner

roadwy

← Metadata

45

Stars

5

Forks

Watchers

Owner

roadwy

Metadata

frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR'...

Back

SideloadFinder SideloadFinder copied to clipboard

Metadata

Description

Features

Usage:

Reference

← Metadata

Owner

Metadata

SideloadFinder
SideloadFinder copied to clipboard