Listen to this Post
PowerShell is a powerful scripting language and command-line shell designed for task automation and configuration management. Below is a comprehensive cheat sheet covering essential commands, security policies, and CLI operations.
Basic PowerShell Commands
– `Get-Command` β Lists all available commands.
– `Get-Help` β Displays help for a cmdlet (e.g., Get-Help Get-Process).
– `Get-Process` β Lists all running processes.
– `Stop-Process -Name “ProcessName” -Force` β Terminates a process forcefully.
– `Get-Service` β Displays all services.
– `Start-Service -Name “ServiceName”` β Starts a service.
– `Stop-Service -Name “ServiceName”` β Stops a service.
File & Directory Operations
– `Get-ChildItem` β Lists files and directories (equivalent to `ls` or dir).
– `Copy-Item “Source” “Destination”` β Copies files/folders.
– `Remove-Item “Path”` β Deletes a file or directory.
– `New-Item -ItemType File -Name “File.txt”` β Creates a new file.
– `Set-Location “Path”` β Changes the current directory (cd equivalent).
System & Security Management
– `Get-ExecutionPolicy` β Checks the current script execution policy.
– `Set-ExecutionPolicy RemoteSigned` β Allows local scripts but requires signed remote scripts.
– `Get-NetFirewallRule` β Lists all firewall rules.
– `Enable-NetFirewallRule -DisplayName “RuleName”` β Enables a firewall rule.
– `Disable-NetFirewallRule -DisplayName “RuleName”` β Disables a firewall rule.
Networking & Remote Management
– `Test-NetConnection -ComputerName “Host” -Port 80` β Checks connectivity to a host on a specific port.
– `Invoke-WebRequest -Uri “URL”` β Downloads content from a URL (wget equivalent).
– `Enter-PSSession -ComputerName “RemotePC”` β Starts a remote PowerShell session.
– `Get-NetIPConfiguration` β Displays network configuration (IP, DNS, etc.).
Scripting & Automation
– `ForEach-Object { $_ }` β Iterates over objects in a pipeline.
– `If (condition) { action } Else { alternative }` β Basic conditional logic.
– `$Variable = “Value”` β Declares a variable.
– `Write-Output “Message”` β Prints output to the console.
You Should Know:
- Execution Policies: PowerShell restricts script execution by default. Use `Set-ExecutionPolicy` to adjust security levels.
- Remote Scripts: Always verify scripts from untrusted sources before execution.
- Logging: Enable PowerShell logging (
Start-Transcript) for auditing. - Modules: Use `Install-Module -Name “ModuleName”` to extend functionality.
What Undercode Say
PowerShell is indispensable for Windows administrators and security professionals. Mastering it enhances automation, security hardening, and system diagnostics. Key takeaways:
– Use `Get-Member` to explore object properties.
– Secure scripts with `Sign-Script` to prevent tampering.
– Leverage `Where-Object` for filtering data.
– Automate repetitive tasks with scheduled jobs (Register-ScheduledJob).
– For Linux cross-compatibility, check PowerShell Core (pwsh).
Expected Output:
PS C:> Get-Process | Where-Object { $_.CPU -gt 50 }
PS C:> Get-Service | Export-CSV "Services.csv"
PS C:> Invoke-WebRequest "https://example.com/file.exe" -OutFile "C:\Downloads\file.exe"
For advanced scripting, refer to Microsoftβs PowerShell Documentation.
References:
Reported By: Https: – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass β
