Windows Shells
Payload Types
DLLs
Batch
VBS
MSI
PowerShell
Payload Generation
Resource: Description
MSFVenom & Metasploit-Framework: MSF is an extremely versatile tool for any pentester's toolkit. It serves as a way to enumerate hosts, generate payloads, utilize public and custom exploits, and perform post-exploitation actions once on the host. Think of it as a Swiss Army knife.
Payloads All The Things: Here, you can find many different resources and cheat sheets for payload generation and general methodology.
Mythic C2 Framework: The Mythic C2 framework is an alternative option to Metasploit as a Command and Control Framework and toolbox for unique payload generation.
Nishang: Nishang is a framework collection of offensive PowerShell implants and scripts. It includes many utilities that can be useful to any pentester.
Darkarmour: Darkarmour is a tool to generate and utilize obfuscated binaries for use against Windows hosts.
Use CMD when:
You are on an older host that may not include PowerShell.
You only require simple interactions/access to the host.
You plan to use simple batch files, net commands, or MS-DOS native tools.
You believe that execution policies may affect your ability to run scripts or other actions on the host.
Use PowerShell when:
You are planning to utilize cmdlets or other custom-built scripts.
You wish to interact with .NET objects instead of text output.
Being stealthy is of lesser concern.
You are planning to interact with cloud-based services and hosts.
Your scripts set and use aliases.