Today I'm pushing up HijackHunter to the OffensiveC# repo. This tool works by parsing the IAT and delay load table of a PE and testing each import for potential hijacks. If a hijack is detected, it will tell you why it determined it and how to abuse it. github.com/matterpreter/Offe…
5:33 PM · Aug 10, 2020
Features:
- x86 & x64 support
- Recursive import search (dependency walker)
- No external requirements (no PeNet!)
- Written entirely in C# for easy deployment via C2
I drew a great deal of inspiration from @_ForrestOrr's Siofra (github.com/forrest-re/siofra…) and heavily referenced @spottheplanet's post on manually parsing PE headers (ired.team/miscellaneous-reve…).
Also, huge shout out to @monoxgas for writing my favorite post on DLL hijack tradecraft ever, which reignited my interest in this technique silentbreaksecurity.com/adap…

