I’ve developed a script that automates the DLL hijacking process. During my testing, I noticed that we often focus on DLLs marked as “Not Found” when testing for DLL hijacking. However, an interesting observation is that among these “Not Found” DLLs, a few (typically one or two) might actually execute, even though we don’t manually test all of them. This script helps automate the testing of all potential DLLs. Note that the payload execution still requires manual verification, as the script is currently a work in progress. Features: Do not perform testing on DLLs within the Windows directory. If the command prompt runs with administrative privileges, the script will ask if you want to execute with elevated permissions. Allows exploitation with either administrative or normal user privileges. It offers multiple payload options to choose from. Execution Process: Run Run1_Auto_DLL_Hijacking_Admin.bat with administrative privileges. It first launches Procmon and then prompts you to ini
A blog is all about cyber security, WAPT, VAPT, API Security Testing, Scripts, Automation and Random stuff