SkillAgentSearch skills...

ExplorerPersist

Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when it's get loaded into the explorer process , our malicoius code get executed

GenerateConvertImprove

Install / Use

/learn @gavz/ExplorerPersist
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

ExplorerPersist

Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when it's get loaded into the explorer process , our malicoius code get executed. The persistence is triggered each time the explorer process is runned.

POC

https://user-images.githubusercontent.com/110354855/212118375-d96b9531-e569-4e9a-b8fb-30168373564b.mp4

gavz

View profile

View on GitHub
GitHub Stars84
CategoryContent
Updated16d ago
Forks23
gavz/ExplorerPersist

Security Score

80/100

Audited on Mar 15, 2026

No findings