dhs
« Back to VersTracker
Description:
Scans for dylib hijacking
Type: Cask  |  Latest Version: 1.6.0@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  @objective_see  |  formulae.brew.sh
Category: Security
Tags: security macos scanner dylib hijacking analysis
Install: brew install --cask dhs
About:
DHS (Dylib Hijacking Scanner) is a security utility that inspects applications for vulnerabilities to dylib hijacking, a macOS-specific attack vector. It analyzes app bundles to identify insecure configurations that allow malicious libraries to be loaded. This tool helps administrators and developers harden their systems against privilege escalation and code injection.
Key Features:
  • Scans applications for insecure dylib loading paths
  • Provides detailed reports on vulnerable executables
  • Command-line interface for automation and scripting
  • Lightweight and requires no installation
Use Cases:
  • System administrators auditing installed software for security risks
  • Developers verifying their applications are not susceptible to hijacking
  • Security researchers analyzing macOS malware persistence techniques
Alternatives:
  • otool -L – Standard macOS tool listing linked libraries, but requires manual inspection and expertise to identify vulnerabilities
  • Santa – Comprehensive execution control system that can block malicious libraries, but operates as a always-on daemon rather than a scanner
Version History
Detected Version Rev Change Commit
Aug 5, 2025 2:17pm 1.5.1 0 VERSION_BUMP b2537dfd
« Back to VersTracker  |  Browse Packages  |  About