by: General

USERS AND GROUPS

net user
net user newuser /add
net user newuser password /add
net localgroup users newuser /add
net user newuser
net user newuser newpassword
net user newuser *
net user newuser * /domain
wmic useraccount where name='newuser' set PasswordRequired=false
wmic useraccount where name='newuser' set PasswordExpires=false
net view
net localgroup
net localgroup administrators
net localgroup newgroupname /add
net localgroup newgroupname /del
net group "group name" "user name" /add /domain

FILES AND FOLDERS

rmdir "folder with spaces in the name"
rmdir /Q /S nonemptydir
rd /S "nonemptydir"
takeown /F "folder to get control" /R /A

GENERAL CMD

query session
logoff 1
wmic os get OSArchitecture
echo %PROCESSOR_ARCHITECTURE%
systeminfo
systeminfo | findstr /C:"Install Date"
tasklist
net share
net share "shared folder" /delete
for %i in (C$ IPC$ ADMIN$) do net share %i /delete
type myfile.txt
fc file1.txt file2.txt
netsh wlan show profile SmithHouse key=clear
type fileName.txt
irm https://example.com/

GENERAL POWERSHELL

Write-Output ANY-TEXT
Get-ComputerInfo
Get-LocalUser
Get-NetIPConfiguration
Get-NetIPAddress
Get-Command
Get-Command -CommandType "Function"
Get-Command -Name Remove*
Get-Process
Get-Service
Get-NetTCPConnection
Get-FileHash -Path .\FileName
Get-Item -Path .\FileName -Stream *
Get-Help Get-Date
Get-Help Get-Date -examples
Get-Alias
Get-ChildItem -Path C:\
Get-ChildItem | Sort-Object Length
Get-ChildItem | Where-Object -Property "Extension" -eq ".txt"
Get-ChildItem | Where-Object -Property "Name" -like "ship*"
Get-ChildItem | Select-Object Name,Length
Get-Content -Path .\File.TXT
Select-String -Path ".\File.TXT" -Pattern "TEXT"
Get-Content -Path .\File.TXT | Select-String -Pattern "TEXT"
Set-Location -Path .\Documents
New-Item -Path .\Documents -ItemType Directory
Remove-Item -Path .\Documents\FileName
Copy-Item -Path .\Documents\FileName -Destination .\Downloads\FileName
TaskList
Find-Module -Name PowerShell*
Install-Module -Name PowerShellGet
Remove-Module -Name PowerShellGet
Stop-Process -id 1
Stop-Process -name chrome
Get-Service
Get-Service vboxservice
Stop-Service vboxservice
Start-Service vboxservice
Invoke-Command -ComputerName RemoteHostName -ScriptBlock { Get-Service }

VIRTUALBOX AUTOMATION SCRIPTS

Create the following scripts and add them in Local Group Policy Editor > Windows Settings > Scripts (Startup/Shutdown).

"%ProgramFiles%\Oracle\VirtualBox\VBoxManage.exe" startvm "Ubuntu" --type headless
set VBoxManageEXE="%ProgramFiles%\Oracle\VirtualBox\VBoxManage.exe"
set ListRunningVMS=%VboxManageEXE% list runningvms
for /f tokens^=2^,4^ delims^=^" %%p in ('%ListRunningVMS%') do %VBoxManageEXE% controlvm %%p savestate

SIMPLE COMMANDS

  • hostname
  • whoami
  • ipconfig
  • netstat
  • netstat -a
  • netstat -b
  • netstat -e
  • netstat -abn
  • type

CALLING COMMON APPLICATIONS

  • lusrmgr.msc
  • control.exe
  • UserAccountControlSettings.exe
  • compmgmt.msc
  • msinfo32.exe
  • resmon.exe
  • wf.msc

BONUS

  • Windows\System32\config
    • The location where Windows stores credentials.