> [!Info] > This page is currently a work in progress. - Is when as attacker places a malicious DLL in a directory where an application loads it instead of the legitimate one. - Leads to code execution with the privileges of the application. ### DLL Hijacking vs DLL Search Order Sideloading vs DLL Injection - [[DLL-Search-Order-Hijacking|DLL Search Order Hijacking]] - Exploits the Windows DLL search-order weaknesses to load a malicious DLL. - [[DLL-Sideloading|DLL Sideloading]] - Abuses trusted, signed applications to load an attacker-controlled DLL from the same location as the trusted application (side-loaded). - [[DLL-Injection|DLL Injection]] - Forces a DLL into another process’s memory space to execute malicious code. DLL Hijacking and DLL Search Order Sideloading are very similar with the main difference being that sideloading leverages signed binaries in order to appear legitimate.