https://www.lnkparser.com/en/blog Latest from Blog en Thu, 28 May 2026 13:20:03 GMT https://www.lnkparser.com/en/blog/how-to-open-an-lnk-file https://www.lnkparser.com/en/blog/how-to-open-an-lnk-file Opening a Windows .lnk file usually runs its target, not the shortcut itself. Here is how to inspect the .lnk's actual binary contents safely, in your browser, with PowerShell, or with a hex viewer. Florian Amette Mon, 25 May 2026 00:00:00 GMT https://www.lnkparser.com/en/blog/lnk-file-forensics https://www.lnkparser.com/en/blog/lnk-file-forensics A field guide to the artifacts hiding inside Windows shortcut files: origin machine NetBIOS name, MAC-derived droid GUID, target FILETIMEs, volume serials, and how DFIR teams use them to reconstruct activity. Florian Amette Mon, 25 May 2026 00:00:00 GMT https://www.lnkparser.com/en/blog/lnk-file-malware https://www.lnkparser.com/en/blog/lnk-file-malware Why .lnk shortcut files are an attacker's preferred delivery vector, from Stuxnet's CVE-2010-2568 to today's ISO+LNK phishing campaigns, and how to spot a malicious one before it runs. Florian Amette Mon, 25 May 2026 00:00:00 GMT https://www.lnkparser.com/en/blog/ms-shllink-binary-format https://www.lnkparser.com/en/blog/ms-shllink-binary-format A practical walkthrough of every section of a Windows .lnk file: ShellLinkHeader, LinkTargetIDList, LinkInfo, StringData and ExtraData, cross-referenced to the MS-SHLLINK specification. Florian Amette Mon, 25 May 2026 00:00:00 GMT https://www.lnkparser.com/en/blog/what-is-an-lnk-file https://www.lnkparser.com/en/blog/what-is-an-lnk-file A short, technical tour of the Windows Shell Link (.lnk) binary format: its header, link flags, LinkInfo, StringData and ExtraData blocks, plus what this client-side parser extracts from each one. Florian Amette Mon, 18 May 2026 00:00:00 GMT