Bypassing file extension check

I am dealing with a self-made extension check in C#.

public static string GetFilename(string url) {     string filename = url.Substring(url.LastIndexOf("/") + 1);     if(filename.Contains(".")) {         string extension = filename.Substring(filename.LastIndexOf(".") + 1).ToLower();          string[] blacklisted_extensions = new string[]         {             "exe",             "msi",             "msp",             "msu",             "p2"         };          for (int i = 0; i < blacklisted_extensions.Length; i++)         {             if (blacklisted_extensions[i] == extension)             {                 throw new Exception("Blacklisted extension");             }         }          bool found_whitelisted_extension = false;         for (int i = 0; i < whitelisted_hashes.Length; i++)         {             if (whitelisted_hashes[i] == extension)             {                 found_whitelisted_extension = true;                 break;             }         }          if(!found_whitelisted_extension)             throw new Exception("Invalid extension");     }      foreach (char oldChar in Path.GetInvalidFileNameChars())     {         filename = filename.Replace(oldChar, ' ');     }      return filename; } 

The goal is to have GetFilename return a filename that if you wrote to would result in a file with one of the specified blacklisted hashes. The operating system is Windows therefore I’m thinking there might be some filename tricks you can do to have windows save under another extension without using a dot. Assume the list of whitelisted hashes does not contain any extensions that could be used to execute code. Any ideas?