RedTeam
5.Machine
2.Windows
General
Commands
General Commands

Commands (Powershell)

Check Machine General Information

- systeminfo                   ---> Operating system, version, Hostname, hardware, ...
- systeminfo | findstr Domain  ---> Check if machine is Domain Joinned (AD)
  • General
- cd
- dir                   ---> List directory (like ls)
- type                  ---> Display text of element (like cat)
- more                  ---> Display text of element (like cat)
- | clip                ---> Copy the result of the command (clipboard)
- | Findstr X           ---> Example tasklist | findstr firefox ---> (like grep linux)
- &&                    ---> Combine Tasks
- cls                   ---> Clear terminal
  • File Permision
- icacls                ---> Find permision of a file
- cd qc                 ---> Find information application, user, binary path, ...

- assoc                 ---> List what program open what format (ex: MP4 = VLC)
- assoc .FILE-FORMAT=PROGRAM ---> Change the default program open format
  • User
- whoami                 ---> Check who you are

- net users              ---> Check all local users
- net groups             ---> Check all local groups
  • Network
- ipconfig             ---> Check ip information
- ipconfig /all        ---> Check ip information ++ (MAC Address, DNS, ...)
- ipcongif /release    ---> Remove old ip address (use renew after)
- ipconfig /renew      ---> Add new ip address
- ipconfig /flushdns   ---> Refresh cache for the DNS

- nslookup DOMAIN      ---> Check DNS record (MX, CNAME, ...)

- getmac /v            ---> Display MAC Address

- tracert (traceroute) ---> Traceroute Network
- ping

- netstat                     ---> Show open ports on the machine
- netstat -af                 ---> Show open ports on the machine (Bluetooth)
  • Others
- ls env:               ---> List all then system variable
- get-help SOFTWARE     ---> Get help message (Like -help in linux)
- taskkill /PID ID /F   ---> Kill PID process

Windows GUID Commands

run ---> lusrmgr.msc (check user, groupes, permissions ...)

**Folder Explorer**
- %windir% ---> Will locate you directly to the windows folder

**Usefull Programes
- System Controle (Services, Tools, ...)
- System Information
- Computer managment (System Tools, Storage, and Services and Applications.)
- Task Scheduler (Create Task)
- Event Viewer (Check events that have occurred on the computer)
- Ressource Monitor