Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/renarddev/hijack

HiJack - A tool that uses Windows mechanics to intercept process creation by adding a debugger to the registry.
https://github.com/renarddev/hijack

hijack hijacking hijacking-methods injector injector-x64

Last synced: 20 days ago
JSON representation

HiJack - A tool that uses Windows mechanics to intercept process creation by adding a debugger to the registry.

Host: GitHub
URL: https://github.com/renarddev/hijack
Owner: RenardDev
License: mit
Created: 2024-12-23T13:14:59.000Z (26 days ago)
Default Branch: main
Last Pushed: 2024-12-23T15:18:41.000Z (26 days ago)
Last Synced: 2024-12-23T15:19:06.672Z (26 days ago)
Topics: hijack, hijacking, hijacking-methods, injector, injector-x64
Language: C++
Homepage:
Size: 14.6 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.md

Awesome Lists containing this project

README

# HiJack
A utility leveraging Windows mechanisms to intercept process creation by registering a debugger in the system registry.

# Commands
```
HiJack.exe /list
HiJack.exe /add
HiJack.exe /remove
```

# Usage
To intercept a process, such as hello.exe, execute the following command:
```
HiJack.exe /add hello.exe
```
This will enable HiJack to intercept the process creation of `hello.exe` and inject the library `_hijack.dll` (e.g., `hello_hijack.dll` or `hello_hijack32.dll` if the process is 32-bit). The DLL must be located in the same directory as the intercepted executable.

# NOTE
* Ensure that you use the appropriate version of HiJack:
- Use the 32-bit version for 32-bit processes.
- Use the 64-bit version for 64-bit processes.
* The 32-bit version of HiJack can utilize the 64-bit version if both executables are placed in the same directory.
* The 64-bit version of HiJack can utilize the 32-bit version if both executables are placed in the same directory.