windows_exec_ways with msf
regsvr32(sct) : use exploit/multi/script/web_delivery set target 3
mshta(hta) : https://github.com/Jumbo-WJB/CACTUSTORCH
csc(cs) : https://github.com/Jumbo-WJB/InstallUtil-Shellcode-cs https://github.com/Jumbo-WJB/Bypass-McAfee-Application-Control--Code-Execution
wmic(xsl):http://subt0x11.blogspot.com/2018/04/wmicexe-whitelisting-bypass-hacking.html
msbuild(xml)๏ผhttps://github.com/Jumbo-WJB/nps_payload
winrm.vbs(WsmPty.xsl) : https://posts.specterops.io/application-whitelisting-bypass-and-arbitrary-unsigned-code-execution-technique-in-winrm-vbs-c8c24fb40404
rundll32.exe(inf) : https://bohops.com/2018/02/26/leveraging-inf-sct-fetch-execute-techniques-for-bypass-evasion-persistence/