DLL Hijack Protection Demo 2: Poorly Designed Apps Protection

A poorly designed application loads a DLL by name instead of using a full path — a common DLL hijacking vulnerability.

In this demo:

• The app runs and successfully loads a malicious Evil.dll, demonstrating the hijack works.
• DLL Hijack Protection is enabled — the attack is blocked and logged.
• To handle a false positive, create a DLL Hijack Protection rule to allow the approved DLL.