Useful powershell commands (and cmd) Flashcards
must learn these!
Show system information
systeminfo
List all running processes
tasklist
Kill a process by name
taskkill /IM <process_name> /F</process_name>
Kill a process by PID
taskkill /PID <pid> /F</pid>
Clear the command prompt screen
cls
List files in a directory
dir
Change directory
cd <directory></directory>
Create a new directory
mkdir <directory></directory>
Remove a directory
rmdir /S /Q <directory></directory>
Copy a file
copy <source></source> <destination></destination>
Move or rename a file
move <source></source> <destination></destination>
Delete a file
del <file_name></file_name>
Show IP configuration
ipconfig /all
Release IP address
ipconfig /release
Renew IP address
ipconfig /renew
Flush DNS cache
ipconfig /flushdns
Display active network connections
netstat -an
Display listening ports
netstat -an | find “LISTEN”
Ping a host
ping <hostname_or_ip></hostname_or_ip>
Trace route to a host
tracert <hostname_or_ip></hostname_or_ip>
Check open ports on a remote host
telnet <hostname_or_ip> <port></port></hostname_or_ip>
Shutdown the computer
shutdown /s /t 0
Restart the computer
shutdown /r /t 0
Log off current user
shutdown /l
Check disk usage
chkdsk
Check and repair disk errors
chkdsk /f
Show available disk space
wmic logicaldisk get size,freespace,caption
List installed programs
wmic product get name
Find specific installed program
wmic product where “name like ‘%<program_name>%'" get name</program_name>
Create a new user
net user <username> <password> /add</password></username>
Delete a user
net user <username> /delete</username>
Add user to a group
net localgroup <groupname> <username> /add</username></groupname>
Remove user from a group
net localgroup <groupname> <username> /delete</username></groupname>
List all users
net user
List all groups
net localgroup
Enable remote desktop
reg add “HKLM\System\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f
Disable remote desktop
reg add “HKLM\System\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 1 /f
Start a service
net start <service_name></service_name>
Stop a service
net stop <service_name></service_name>
List all services
sc query
Check service status
sc query <service_name></service_name>
Enable a service
sc config <service_name> start= auto</service_name>
Disable a service
sc config <service_name> start= disabled</service_name>
List all environment variables
set
Set an environment variable
setx <variable_name> <value> /M</value></variable_name>
Delete an environment variable
setx <variable_name> "" /M</variable_name>
Get current date
echo %DATE%
Get current time
echo %TIME%
Find a string in a file
findstr “pattern” <file_name></file_name>
Create a compressed zip file
Compress-Archive -Path <file_name> -DestinationPath <output.zip></output.zip></file_name>
Extract a zip file
Expand-Archive -Path <input.zip> -DestinationPath <directory></directory></input.zip>
Get running processes (PowerShell)
Get-Process
Kill a process (PowerShell)
Stop-Process -Name <process_name> -Force</process_name>
Get system uptime (PowerShell)
(get-date) - (gcim Win32_OperatingSystem).LastBootUpTime
Get system information (PowerShell)
Get-ComputerInfo
List installed software (PowerShell)
Get-WmiObject -Query “SELECT * FROM Win32_Product”
Check Windows version (PowerShell)
Restart a service (PowerShell)
Restart-Service -Name <service_name></service_name>
List network adapters (PowerShell)
Get-NetAdapter
Disable network adapter (PowerShell)
Disable-NetAdapter -Name “<adapter_name>"</adapter_name>
Enable network adapter (PowerShell)
Enable-NetAdapter -Name “<adapter_name>"</adapter_name>
Get IP configuration (PowerShell)
Get-NetIPConfiguration
Get firewall rules (PowerShell)
Get-NetFirewallRule
Enable firewall rule (PowerShell)
Enable-NetFirewallRule -DisplayName “<rule_name>"</rule_name>
Disable firewall rule (PowerShell)
Disable-NetFirewallRule -DisplayName “<rule_name>"</rule_name>
Check open ports (PowerShell)
Test-NetConnection -ComputerName <hostname_or_ip> -Port <port></port></hostname_or_ip>
Ping a host (PowerShell)
Test-Connection -ComputerName <hostname_or_ip></hostname_or_ip>
List active TCP connections (PowerShell)
Get-NetTCPConnection
Restart computer (PowerShell)
Restart-Computer -Force
Shutdown computer (PowerShell)
Stop-Computer -Force
Get available storage (PowerShell)
Get-PSDrive -PSProvider FileSystem
Check disk health (PowerShell)
Get-PhysicalDisk
Format a disk (PowerShell)
Format-Volume -DriveLetter <drive_letter> -FileSystem NTFS -NewFileSystemLabel "NewLabel"</drive_letter>
List running services (PowerShell)
Get-Service
Start a service (PowerShell)
Start-Service -Name <service_name></service_name>
Stop a service (PowerShell)
Stop-Service -Name <service_name></service_name>
Set execution policy (PowerShell)
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
Run a script as administrator (PowerShell)
Start-Process PowerShell -Verb RunAs -ArgumentList “-File <script.ps1>"</script.ps1>
List scheduled tasks (PowerShell)
Get-ScheduledTask
Get system logs (PowerShell)
Get-EventLog -LogName System -Newest 10
Export event logs to a file (PowerShell)
wevtutil epl System C:\Logs\system.evtx /ow:true
Get information about an AD Domain
Get-ADDomain
See what groups you’re in
whoami /groups
