/GoDhijacking

Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response) systems. 红队工具旨在快速识别可劫持程序、逃避防病毒软件和 EDR(端点检测和响应)系统。

GoDHijack

Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response) systems.

中文说明

Current version v1.0

  • Supports searching for x86 / x64 programs.
  • May circumvent DLLMain deadlock (as it can directly use exported functions).
  • Accuracy 96%
  • Supports traversing all directories
  • Instead of simply looking for dlls loaded by LoadLibraryA (this kind of DLL can use DllMain directly)

To be done in the next version

  • Adding a Manually Specified PE Schema (32 |64)
  • Processing that exported functions cannot be called directly
  • Automatically generate DLL template after identification
  • Subsequent open source

Uses

GoDHijack> .\GoDHijack_x86.exe
Error: missing required argument
Usage:
  GoDHijack [flags]
  GoDHijack [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  find        Automated search for vulnerable programs susceptible to hijacking.
  generate    Automatically generate hijacking templates
  help        Help about any command

Flags:
  -h, --help   help for GoDHijack

Use "GoDHijack [command] --help" for more information about a command.

Use find

alt text

oks.txt alt text

Use generate

alt text

Check

alt text