Skip to content

Windows LNK Parser & Viewer

Open a Windows .lnk shortcut and inspect its metadata — target path, arguments, timestamps and more.

Files are parsed entirely in your browser with WebAssembly and are never uploaded.

Drop a .lnk file here, or click to browse

Your file stays on this device.

LNK Parser is a free online tool to open and read Windows .lnk shortcut files. Drop a file above to view its target path, command-line arguments, working directory, timestamps and link flags. Everything runs locally with WebAssembly — your file never leaves your device, which makes it safe for forensics and incident response.

LNK file guides

Opening a Windows .lnk file usually runs its target, not the shortcut itself. Here is how to inspect the .lnk's actual binary contents safely, in your browser, with PowerShell, or with a hex viewer.
A field guide to the artifacts inside Windows shortcuts — NetBIOS name, droid GUID, target FILETIMEs, volume serials — and how DFIR teams use them.
Why .lnk shortcut files are an attacker's preferred delivery vector, from Stuxnet's CVE-2010-2568 to today's ISO+LNK phishing campaigns, and how to spot a malicious one before it runs.

Frequently asked questions

How do I open a .lnk file?
Drag a Windows .lnk shortcut onto the parser above, or click to browse for one. It decodes the file in your browser and shows the target path, arguments, working directory and timestamps. Nothing is uploaded.
Is it safe to open an .lnk file here?
Yes. The file is parsed entirely on your device with WebAssembly and never leaves your browser, so even a malicious shortcut is only inspected, never executed.
What information does a .lnk shortcut contain?
A Shell Link stores the target path, command-line arguments, working directory, icon location, creation/access/write timestamps, link flags and volume or network information — all of which this parser decodes.