Bind Shell | Opens a port and waits for a connection | Remote Code Execution | msfvenom -p windows/x86/bind_tcp |
Reverse Shell | Connects to a remote host | Remote Code Execution | msfvenom -p windows/x86/reverse_tcp |
Shellcode Encoder | Avoids detection by modifying code | Evading Antivirus | msfvenom -e x86/shikata_ga_nai |
Download & Execute | Downloads and runs a file | Remote Code Execution | msfvenom -p windows/download_exec |
Add User | Creates a new system user | Privilege Escalation | msfvenom -p windows/adduser |
Meterpreter | Advanced shell with extended functionalities | Remote Code Execution | msfvenom -p windows/meterpreter/reverse_tcp |
VNC Injection | Injects VNC server for remote GUI access | Remote Access | msfvenom -p windows/vncinject/reverse_tcp |
Shellcode Decrypter | Decrypts encrypted payload on target | Evading Antivirus | Custom Assembly Required |
File Deleter | Deletes specified files from the system | Post Exploitation | Custom Assembly Required |
Port Scanner | Scans the local network for open ports | Information Gathering | msfvenom -p windows/x86/portscan |
Payload Stager | Downloads the second stage of a payload | Remote Code Execution | msfvenom -p windows/x86/stager |
Spawn Shell | Opens a command shell | Remote Code Execution | msfvenom -p windows/x86/shell_bind_tcp |
Memory Executer | Executes a payload in memory | Evading Antivirus | Custom Assembly Required |
Keyboard Logger | Captures keyboard input | Information Gathering | msfvenom -p windows/keylogger |
Reboot Machine | Reboots the victim machine | Denial of Service | msfvenom -p windows/reboot |
Disable Firewall | Turns off the Windows firewall | Post Exploitation | msfvenom -p windows/firewall_disable |
Migrate Process | Moves the shellcode to a different process | Persistence | msfvenom -p windows/migrate |
DNS Resolver | Resolves domain names to IP addresses | Information Gathering | msfvenom -p windows/dns_resolver |
Screen Capture | Captures the current screen content | Information Gathering | msfvenom -p windows/screencap |
Webcam Capture | Accesses and captures from the webcam | Information Gathering | msfvenom -p windows/webcam |
Audio Capture | Records audio from the machine's microphone | Information Gathering | msfvenom -p windows/mic_recorder |
UAC Bypass | Attempts to bypass User Account Control | Privilege Escalation | msfvenom -p windows/uac_bypass |
Windows Defender Disable | Disables Windows Defender on the system | Evading Antivirus | msfvenom -p windows/defender_disable |
Shellcode Injector | Injects a given shellcode into memory | Remote Code Execution | Custom Assembly Required |
File Dropper | Drops a file onto the system | Post Exploitation | msfvenom -p windows/dropper |
File Encrypter | Encrypts specified files, often used in ransomware | Malicious Actions | Custom Assembly Required |
Socket Reuse | Reuses existing network sockets | Post Exploitation | Custom Assembly Required |
Wake-on-LAN | Wakes up a machine over a network | Remote Code Execution | msfvenom -p windows/wake_on_lan |
DLL Injector | Injects a DLL into a process | Remote Code Execution | msfvenom -p windows/dll_inject |
Clipboard Monitor | Monitors and captures clipboard content | Information Gathering | msfvenom -p windows/clipboard_monitor |
Service Manipulator | Starts, stops, or modifies Windows services | Post Exploitation | msfvenom -p windows/service_manager |
Packet Sniffer | Sniffs network packets | Information Gathering | msfvenom -p windows/sniffer |
HTTP/S Proxy | Turns the victim machine into an HTTP/S proxy | Post Exploitation | msfvenom -p windows/proxy_http |
SOCKS Proxy | Turns the victim machine into a SOCKS proxy | Post Exploitation | msfvenom -p windows/proxy_socks |
Windows Credential Dumper | Dumps saved credentials | Information Gathering | msfvenom -p windows/creds_dump |
Registry Editor | Manipulates the Windows registry | Post Exploitation | msfvenom -p windows/reg_edit |
Remote Desktop Enable | Enables remote desktop on the victim machine | Remote Access | msfvenom -p windows/rdp_enable |
SSH Key Logger | Captures SSH key strokes | Information Gathering | msfvenom -p windows/ssh_keylog |
Process Killer | Terminates specified processes | Post Exploitation | msfvenom -p windows/kill_process |
File Finder | Searches for specified files on the system | Information Gathering | msfvenom -p windows/file_search |
Message Box Popper | Displays a message box on the victim machine | Non-malicious Prank | msfvenom -p windows/messagebox |
Windows Event Logger | Logs events in the Windows Event Viewer | Post Exploitation | msfvenom -p windows/eventlog_write |
File Binder | Binds files together | Post Exploitation | Custom Assembly Required |