Shellsquid was built out of necessity. Corporate egress controls often limit outbound connections to http (tcp/80) and https (tcp/443); often requiring the traffic to exit through a proxy. When attacking victims it is then a necessity to use reverse payloads that connect on one of these two ports and are proxy aware. The safest option being https. This is straight forward. Start your listener and go. But what if you’re attacking multiple targets and want to keep them separate? What if you’re working with a team who is all attacking different targets and they can’t share a listener? What are you to do? Shellsquid is meant to alleviate this issue by dynamically routing your reverse connections to a configured listener on a different port and/or machine. Teams of penetration testers can now share a single perimeter systems listening over https, while routing reverse connections to internal hosts.