Skip to content

nbaertsch/AutoAppDomainHijack

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

src

src

 
 

templates

templates

 
 

.gitignore

.gitignore

 
 

AutoDomainHijack.nimble

AutoDomainHijack.nimble

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

AutoAppDomainHijack

Tools to automate finding AppDomain hijacks and generating payloads from shellcode.

HijackHunt

Run this tool on the target. It will search recursively in the C:\ directory for .NET managed .exes and test if the folder is writeable - indicating that the PE is AppDomainHijack-able.

AutoDomainHijack

Generate AppDomainHijack payloads given a shellcode file or url.

Usage:
  AutoDomainHijack.exe
  AutoDomainHijack.exe (--version | -h | --help)

Options:
  -t, --target-name=<target-name>  Name of the target managed .exe to hijack.
  -n, --hijack-name=<hijack-name>  Name of the hijacker .dll.
  -u, --url=<url>                  URL of the remote shellcode to run.
  -f, --file=<file>                File containing the shellcode to embed.
  -o, --output=<output>            Full directory to write files to.
  -e, --etw=<etw>                  Disable ETW. [default: true]
      --version                    Prints version
  -h, --help                       Show help message

Build

nimble build

About

Automated .NET AppDomain hijack payload generation

Resources

Readme

License

GPL-3.0 license
Activity

Stars

91 stars

Watchers

1 watching

Forks

15 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages