{"id":18831826,"url":"https://github.com/flangvik/dllsideloader","last_synced_at":"2025-06-16T04:04:31.994Z","repository":{"id":37698777,"uuid":"193896884","full_name":"Flangvik/DLLSideloader","owner":"Flangvik","description":"PowerShell script to generate \"proxy\" counterparts to easily perform DLL Sideloading","archived":false,"fork":false,"pushed_at":"2019-07-24T21:59:19.000Z","size":36873,"stargazers_count":122,"open_issues_count":2,"forks_count":30,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-04-14T04:16:43.072Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Flangvik.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-06-26T12:08:03.000Z","updated_at":"2025-04-12T06:40:13.000Z","dependencies_parsed_at":"2022-08-27T06:01:03.892Z","dependency_job_id":null,"html_url":"https://github.com/Flangvik/DLLSideloader","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flangvik%2FDLLSideloader","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flangvik%2FDLLSideloader/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flangvik%2FDLLSideloader/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flangvik%2FDLLSideloader/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Flangvik","download_url":"https://codeload.github.com/Flangvik/DLLSideloader/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248819412,"owners_count":21166477,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T01:56:04.503Z","updated_at":"2025-04-14T04:16:54.305Z","avatar_url":"https://github.com/Flangvik.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DLLSideloader\nPowerShell script to generate \"proxy\" counterpart of DLL files load unsafely by binaries on runtime, makes it super easy to perform  a DLL Sideloading attack or hijacking  \n\nSee the below articles for more details  \nhttps://flangvik.com/privesc/windows/bypass/2019/06/25/Sideload-like-your-an-APT.html  \nhttps://flangvik.com/2019/07/24/Bypassing-AV-DLL-Side-Loading.html\n\nBoth demo's are using GUP.exe signed from NotePad ++ (32bit), loading a malicious libcurl sideloading malware:  \n\nSideloading payload.dll( meterpreter revshell)\n![Meterpreter sideload](https://github.com/SkiddieTech/DLLSideloader/blob/master/dll-sideload-demogif.gif)\n\n\nLoading C++ code getting revshell and bypassing AV's\n\n[![AV Bypass](https://img.youtube.com/vi/pWJ_pd0QhFM/maxresdefault.jpg)](https://youtu.be/pWJ_pd0QhFM)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflangvik%2Fdllsideloader","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fflangvik%2Fdllsideloader","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflangvik%2Fdllsideloader/lists"}