vermillion-hunter

Installation
SKILL.md

Overview

Frida-based dynamic instrumentation for identifying Windows "features" exploitable for:

  • DLL Sideloading (T1574.002)
  • COM Hijacking (T1546.015)

WFH Dridex variant: ~966 validated sideloads vs 96 from original.


MITRE ATT&CK Mapping

T1574.002 - DLL Side-Loading

Installs
7
Repository
plurigrid/asi
GitHub Stars
28
First Seen
Jan 29, 2026
vermillion-hunter — plurigrid/asi