Create a listener on covenant

create a PowerShell payload in covenant

using this script on windows

https://github.com/samratashok/nishang/blob/master/Client/Out-Word.ps1

go again to the listener but this time to the created one before

now you can create a fishing email and hyperlink the doc file to be downloaded