DLLHijackHunter — automated detection of DLL Hijacking vulnerabilities in Windows

A tool for discovering DLL Hijacking vulnerabilities in the local system. It runs a multi‑phase pipeline: from static analysis of binaries and services to verifying exploitability through injection of a canary DLL.

Features: 📍 Scans for vulnerabilities in services, scheduled tasks, COM objects, and startup entries. 📍 Analyzes UAC bypass vectors via AutoElevate and application manifests. 📍 Filters false positives. 📍 Confirms vulnerabilities using a safe canary DLL and automatic trigger. 📍 Provides assessment and reporting with likelihood‑based ranking (console + JSON output).

Compared to tools like DLLHijackAuditor and PowerUp.ps1, DLLHijackHunter goes beyond static detection — it validates actual DLL execution, improving accuracy at the cost of longer analysis time.

📎 Tool: https://github.com/ghostvectoracademy/DLLHijackHunter

💬 Discuss