| Bind Shell | Opens a port and waits for a connection | Remote Code Execution | msfvenom -p windows/x86/bind_tcp |
| Reverse Shell | Connects to a remote host | Remote Code Execution | msfvenom -p windows/x86/reverse_tcp |
| Shellcode Encoder | Avoids detection by modifying code | Evading Antivirus | msfvenom -e x86/shikata_ga_nai |
| Download & Execute | Downloads and runs a file | Remote Code Execution | msfvenom -p windows/download_exec |
| Add User | Creates a new system user | Privilege Escalation | msfvenom -p windows/adduser |
| Meterpreter | Advanced shell with extended functionalities | Remote Code Execution | msfvenom -p windows/meterpreter/reverse_tcp |
| VNC Injection | Injects VNC server for remote GUI access | Remote Access | msfvenom -p windows/vncinject/reverse_tcp |
| Shellcode Decrypter | Decrypts encrypted payload on target | Evading Antivirus | Custom Assembly Required |
| File Deleter | Deletes specified files from the system | Post Exploitation | Custom Assembly Required |
| Port Scanner | Scans the local network for open ports | Information Gathering | msfvenom -p windows/x86/portscan |
| Payload Stager | Downloads the second stage of a payload | Remote Code Execution | msfvenom -p windows/x86/stager |
| Spawn Shell | Opens a command shell | Remote Code Execution | msfvenom -p windows/x86/shell_bind_tcp |
| Memory Executer | Executes a payload in memory | Evading Antivirus | Custom Assembly Required |
| Keyboard Logger | Captures keyboard input | Information Gathering | msfvenom -p windows/keylogger |
| Reboot Machine | Reboots the victim machine | Denial of Service | msfvenom -p windows/reboot |
| Disable Firewall | Turns off the Windows firewall | Post Exploitation | msfvenom -p windows/firewall_disable |
| Migrate Process | Moves the shellcode to a different process | Persistence | msfvenom -p windows/migrate |
| DNS Resolver | Resolves domain names to IP addresses | Information Gathering | msfvenom -p windows/dns_resolver |
| Screen Capture | Captures the current screen content | Information Gathering | msfvenom -p windows/screencap |
| Webcam Capture | Accesses and captures from the webcam | Information Gathering | msfvenom -p windows/webcam |
| Audio Capture | Records audio from the machine's microphone | Information Gathering | msfvenom -p windows/mic_recorder |
| UAC Bypass | Attempts to bypass User Account Control | Privilege Escalation | msfvenom -p windows/uac_bypass |
| Windows Defender Disable | Disables Windows Defender on the system | Evading Antivirus | msfvenom -p windows/defender_disable |
| Shellcode Injector | Injects a given shellcode into memory | Remote Code Execution | Custom Assembly Required |
| File Dropper | Drops a file onto the system | Post Exploitation | msfvenom -p windows/dropper |
| File Encrypter | Encrypts specified files, often used in ransomware | Malicious Actions | Custom Assembly Required |
| Socket Reuse | Reuses existing network sockets | Post Exploitation | Custom Assembly Required |
| Wake-on-LAN | Wakes up a machine over a network | Remote Code Execution | msfvenom -p windows/wake_on_lan |
| DLL Injector | Injects a DLL into a process | Remote Code Execution | msfvenom -p windows/dll_inject |
| Clipboard Monitor | Monitors and captures clipboard content | Information Gathering | msfvenom -p windows/clipboard_monitor |
| Service Manipulator | Starts, stops, or modifies Windows services | Post Exploitation | msfvenom -p windows/service_manager |
| Packet Sniffer | Sniffs network packets | Information Gathering | msfvenom -p windows/sniffer |
| HTTP/S Proxy | Turns the victim machine into an HTTP/S proxy | Post Exploitation | msfvenom -p windows/proxy_http |
| SOCKS Proxy | Turns the victim machine into a SOCKS proxy | Post Exploitation | msfvenom -p windows/proxy_socks |
| Windows Credential Dumper | Dumps saved credentials | Information Gathering | msfvenom -p windows/creds_dump |
| Registry Editor | Manipulates the Windows registry | Post Exploitation | msfvenom -p windows/reg_edit |
| Remote Desktop Enable | Enables remote desktop on the victim machine | Remote Access | msfvenom -p windows/rdp_enable |
| SSH Key Logger | Captures SSH key strokes | Information Gathering | msfvenom -p windows/ssh_keylog |
| Process Killer | Terminates specified processes | Post Exploitation | msfvenom -p windows/kill_process |
| File Finder | Searches for specified files on the system | Information Gathering | msfvenom -p windows/file_search |
| Message Box Popper | Displays a message box on the victim machine | Non-malicious Prank | msfvenom -p windows/messagebox |
| Windows Event Logger | Logs events in the Windows Event Viewer | Post Exploitation | msfvenom -p windows/eventlog_write |
| File Binder | Binds files together | Post Exploitation | Custom Assembly Required |