├── .gitignore
├── 1_finding_candidates
    ├── README.md
    ├── generate_pmc_files.py
    ├── procmon_template.pmc
    └── run_procmon_scan.ps1
├── 2_compiling_dlls
    ├── Dockerfile
    ├── README.md
    ├── generate_dlls.py
    ├── requirements.txt
    └── run_executable.vbs
├── LICENSE
├── README.md
├── approach.svg
├── dll_hijacking_candidates.csv
└── possible_windows_dll_hijacking.yml

/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/.gitignore
--------------------------------------------------------------------------------
/1_finding_candidates/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/1_finding_candidates/README.md
--------------------------------------------------------------------------------
/1_finding_candidates/generate_pmc_files.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/1_finding_candidates/generate_pmc_files.py
--------------------------------------------------------------------------------
/1_finding_candidates/procmon_template.pmc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/1_finding_candidates/procmon_template.pmc
--------------------------------------------------------------------------------
/1_finding_candidates/run_procmon_scan.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/1_finding_candidates/run_procmon_scan.ps1
--------------------------------------------------------------------------------
/2_compiling_dlls/Dockerfile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/2_compiling_dlls/Dockerfile
--------------------------------------------------------------------------------
/2_compiling_dlls/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/2_compiling_dlls/README.md
--------------------------------------------------------------------------------
/2_compiling_dlls/generate_dlls.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/2_compiling_dlls/generate_dlls.py
--------------------------------------------------------------------------------
/2_compiling_dlls/requirements.txt:
--------------------------------------------------------------------------------
tqdm
--------------------------------------------------------------------------------
/2_compiling_dlls/run_executable.vbs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/2_compiling_dlls/run_executable.vbs
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/LICENSE
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/README.md
--------------------------------------------------------------------------------
/approach.svg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/approach.svg
--------------------------------------------------------------------------------
/dll_hijacking_candidates.csv:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/dll_hijacking_candidates.csv
--------------------------------------------------------------------------------
/possible_windows_dll_hijacking.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wietze/windows-dll-hijacking/HEAD/possible_windows_dll_hijacking.yml
--------------------------------------------------------------------------------