Essential commands

System Info Commands

# get system version
ver
tasklist
systeminfo
# show services
sc query state=all

# name of AV detection:
Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntivirusProduct
get-wmiobject -class "Win32_Product" -namespace "root\cimv2" -filter "Name like '%YOUR_FILTER_HERE%'"

net/domain commands

# get your privileges
whoami /priv
net user <user> /domain

# add user
net user <user> <passwd> /add
# add <user> to admins group
net localgroup "Administrators" <user> /add

utility commands

# local user manager
lusrmgr.msc
# services control panel
services.msc
# security policy manager
secpool.msc
taskmgr.exe
eventvwr.msc
# show permissions for chosen exe file
icacls <exe>

cmd.exe

Powershell

PowerSploit - offensive capabilities library

https://github.com/PowerShellMafia/PowerSploit

Sysinternals

https://docs.microsoft.com/en-us/sysinternals/

Reference

https://book.hacktricks.xyz/windows-hardening/basic-cmd-for-pentesters

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

windows.md

windows.md

Essential commands

System Info Commands

net/domain commands

utility commands

cmd.exe

Powershell

PowerSploit - offensive capabilities library

Sysinternals

Reference

Files

windows.md

Latest commit

History

windows.md

File metadata and controls

Essential commands

System Info Commands

net/domain commands

utility commands

cmd.exe

Powershell

PowerSploit - offensive capabilities library

Sysinternals

Reference