← Cybersecurity Alphabet Soup

DLL

Dynamic-Link Library

appsecmedium

A DLL is a Windows shared code library that programs load at runtime. Attackers abuse the loading mechanism through DLL injection, search-order hijacking, and sideloading to run malicious code inside a trusted process, often evading detection because the host application is legitimate. These techniques are staples of malware persistence and privilege escalation, which is why defenders monitor unusual module loads.

Sources

More in appsec