🛠️ ClickFix Techniques

These are examples of different social engineering techniques utilized by attackers to trick users into running malicious commands. Use this information for educational and defensive purposes.

Platform
Windows
Mac
Linux
Interface
GUI
CLI
Capabilities
UAC
MOTW
File Explorer
taskmgr.exe
windows gui File Explorer GUI
1 lure
perfmon.exe
windows gui File Explorer GUI
1 lure
dcomcnfg.exe
windows gui File Explorer GUI
1 lure
ClickOnce launcher (dfshim)
windows gui GUI
1 lure
Terminal
mac cli CLI Credential Theft Data Exfiltration Persistence
2 lures
msbuild.exe
windows cli MOTW UAC
2 lures
DxDiag.exe
windows gui File Explorer MOTW
1 lure
certutil.exe
windows cli MOTW UAC
2 lures
iexpress.exe
windows gui File Explorer GUI
1 lure
FileHistory.exe
windows gui File Explorer MOTW UAC
2 lures
fsquirt.exe
windows gui File Explorer GUI
1 lure
ftp.exe
windows cli UAC
2 lures
control.exe
windows gui File Explorer GUI MOTW UAC
3 lures
regasm.exe
windows cli MOTW UAC
2 lures
CompMgmtLauncher.exe
windows gui File Explorer GUI
4 lures
msra.exe
windows gui File Explorer MOTW
1 lure
osascript
mac cli CLI Credential Theft Data Exfiltration
1 lure
colorcpl.exe
windows gui File Explorer MOTW
2 lures
cmd.exe
windows cli UAC
2 lures
eventvwr.exe
windows gui File Explorer GUI
2 lures
MRT.exe
windows gui File Explorer MOTW UAC
2 lures
explorer shell URIs
windows gui File Explorer GUI
2 lures
msiexec.exe
windows cli CLI
1 lure
search-ms protocol
windows gui File Explorer GUI
1 lure
wscript.exe
windows cli MOTW UAC
2 lures
wextract.exe
windows gui CLI File Explorer GUI
2 lures
Office URI schemes (ms-word/ms-excel)
windows gui File Explorer GUI
1 lure
conhost.exe
windows cli UAC
2 lures
credwiz.exe
windows gui File Explorer MOTW UAC
2 lures
powershell.exe
windows cli MOTW UAC
2 lures
FileFix (Explorer address bar)
windows gui CLI File Explorer GUI
3 lures
certreq.exe
windows cli File Explorer MOTW UAC
2 lures
wusa.exe
windows cli CLI
1 lure
mshta.exe
windows cli MOTW UAC
2 lures
rundll32.exe
windows cli MOTW UAC
2 lures
forfiles.exe
windows cli CLI File Explorer
4 lures