mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-14 06:54:57 +03:00
mukul975
22 lines
695 B
Markdown
22 lines
695 B
Markdown
# DLL Sideloading Hunt Template
|
|
|
|
## Hunt Metadata
|
|
| Field | Value |
|
|
|-------|-------|
|
|
| Hunt ID | TH-SIDELOAD-YYYY-MM-DD-NNN |
|
|
| Analyst | |
|
|
| Date | |
|
|
|
|
## Hypothesis
|
|
> [e.g., "Adversaries are using DLL sideloading with legitimate signed applications to execute malicious payloads while evading detection."]
|
|
|
|
## Findings
|
|
| # | Host | Application | Sideloaded DLL | DLL Path | Signed | Risk | Verdict |
|
|
|---|------|------------|---------------|----------|--------|------|---------|
|
|
| 1 | | | | | | | |
|
|
|
|
## Recommendations
|
|
1. **Block**: [Quarantine malicious DLLs]
|
|
2. **Harden**: [Application directory permissions, DLL safe search mode]
|
|
3. **Detect**: [Sysmon Event ID 7 rules for known targets]
|