PowerShell - cmdlet

search command

Get-command get-*ip*

list files

Get-Childitem -Path C:\

file search

Get-Childitem -Path C:\ -Recurse -force -Include *.txt
Get-Childitem -Path C:\ -Recurse -force -ErrorAction SilentlyContinue -Include *interesting-file.txt*
Get-Childitem -Path C:\ -Recurse -force -ErrorAction SilentlyContinue -Filter *interesting-file.txt*

Get-ChildItem -Path C:\ -Include *.bak* -File -Recurse -ErrorAction SilentlyContinue

read file

more interesting-file.txt

search by content

Get-ChildItem C:\* -Recurse | Select-String -pattern API_KEY

show services

get-servie
get-servie | where-object -property status -eq running
get-servie | where-object -property status -eq stopped

current working directory

get-location

check if file exist

test-path c:/program files/interesting-files.txt

get list of users

get-localusers

get list of user with details

get-localuser | select *

get details of user

get-localuser -name Administrator | select *

list local groups

get-localgroups

get IP address

get-netipadresss

get all process

get-process

list scheduled tasks

get-scheduledtask

get owner of

get-acl c:

unzip

Expand-Archive -Path winpeas.zip -DestinationPath .

check .Net version

reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP"