What is Rattler and how does it automate the discovery of DLL preloading vulnerabilities?

Rattler is an open-source tool by Chris Le Roy from SensePost that automates the identification of DLL hijacking vulnerabilities (also called DLL preloading vulnerabilities). It monitors DLL loading behavior during application execution to pinpoint which DLLs can be hijacked by analyzing the search order and KnownDLLs exclusion. The tool streamlines the manual Process Monitor approach described in the Rattler testing article, making it faster to find exploitable DLL paths in software like Explorer Suite.