- Basics
- Cmdlets
- Output Formatting
- Operators
- Advanced Operators
- Types
- Arrays
- Conditional Statements
- Loop Statements
- Basic Scripting
- Functions Part 1
- Functions Part 2
- Functions Part 3
- Advanced Functions
cd \
dir
ls
ps
Get-Help |more
Install Update-Help your computer. Enter Y
Get-Help Get-Help -Examples |more
Get-Help * |more
Get-Help *process
Get-Process
Get-Help *alias*
Get-Alias
Get-Help Get-Help -Examples |more
Get-Help about_Aliases |more
Use Get-Help to retrieve help about Get-Command:
Get-Help Get-Command |more
Use Get-Help about_[topic] to retrieve help about powershell.exe:
Get-Help powershell
Get-Help about_PowerShell.exe
DESCRIPTION
The Get-Command cmdlet gets all commands that are installed on the computer, including cmdlets, aliases, functions,workflows, filters, scripts, and applications. Get-Command gets the commands from Windows PowerShell modules and snap-ins and commands that were imported from other sessions. To get only commands that have been imported into the current session, use the ListImported parameter.
Get-Help Get-Command |more
Get-Command |more
Get-Command -CommandType Cmdlet |more
REMARKS
To see the examples, type: "get-help Get-Command -examples". For more information, type: "get-help Get-Command -detailed". For technical information, type: "get-help Get-Command -full". For online help, type: "get-help Get-Command -online"
Get-Help Get-Command -full |more
PARAMETERS
Get-Help Get-Command -Parameter * |more
Cmdlet Process
Get-Command -CommandType Cmdlet -Name *process*
Cmdlet Service
Get-Command -CommandType Cmdlet -Name *service*
Measure-Object
810 Cmdlet Installed
Get-Command -CommandType Cmdlet |Measure-Object
Get-Process |more
Get-Service |more
Get-Command -Verb stop
Get-Command -Verb start
Get-Help Start-Process -Examples |more
Start-Process -FilePath notepad.exe
Stop-Process -Name notepad
Get-Process notepad
Stop-Process -Id 6292
Get-HotFix
Get-Help *cmdlets*
Get-Help *command*
Get-Help about_Core_Commands |more
Explore cmdlets using Get-Command and pick ten cmdlets which could be useful in penetration tests.
Get-ComputerInfo
Get-Content .\log.txt.txt -TotalCount 5 |Set-Content output.txt
Get-History |more
Get-PSDrive
Get-LocalGroup
Clear-History
Get-Help Invoke-Command -Examples |more
Get-Help Import-Module -Examples |more
Get-Command -Module DnsClient * |more
Get-Command -Module NetTCPIP |more
Get-Command -CommandType Cmdlet -Name format*
Get-ChildItem |Format-Table
Get-ChildItem |Format-Table Name
Get-Command -CommandType Cmdlet -Name out*
Get-Process |Out-GridView
Get-Process |Out-File -FilePath get_process.txt
Get-Content .\get_process.txt |more
Get-ChildItem |Format-List * |Out-File -FilePath 'C:\Users\anake\Downloads\list.txt'
-eq , -ne , -gt , -lt , -le , -ge , -match , -notmatch , -replace , -like , -notlike , -in , -notin , -contains , -notcontains
>
>>
2>&1
Explore the PowerShell help system and locate help topics for various operators.
Get-Help Arith |more
SEE ALSO
about_Arithmetic_Operators
about_Assignment_Operators
about_Comparison_Operators
about_Logical_Operators
about_Type_Operators
about_Split
about_Join
about_Redirection
Calls the static properties operator and methods of a .NET Framework class. To find the static properties and methods of an object, use the Static parameter of the Get-Member cmdlet.
[datetime]::now
$i = 1
$c -split {if ($i -lt 1) {$_ -eq ","} else {$_ -eq ";"}}
Get-Help about_Comparison -Examples |more
Get-Help about_Logical -Examples |more
PSObject and the Adapted and Extended Type Systems (ATS and ETS) https://blogs.msdn.microsoft.com/besidethepoint/2011/11/22/psobject-and-the-adapted-and-extended-type-systems-ats-and-ets/
Commands in PowerShell return an array of Objects - Object[]
Index
More than one type of elements could be stored.
Get-WindowsUpdateLog
Switch -Regex -File C:\Users\anake\OneDrive\Desktop\WindowsUpdate.log { 'Validating'{$_}}
Get-ChildItem |Where-Object {$_.Name -match "txt"}
Iterate through the process running on your computer and print the path of the executable for each process.
Get-Process |ForEach-Object -MemberName Path
Run PowerShell as Administrator
Set-ExecutionPolicy Bypass
Set-ExecutionPolicy Restricted
Create a function which accepts name of a process or service and stop it.
PS C:\Users\anake> function stopped ($serv){
>> if ($serv) {Stop-Process -Name $serv}
>> }
PS C:\Users\anake> stopped MicrosoftEdge
Use a switch variable in the above function to add the ability of stopping a service as well
PS C:\Users\anake> function stopservice ($service, [switch]$stop){
>> $service
>> if ($stop) {Stop-Process -Name $service}
>> }
PS C:\Users\anake> stopservice MicrosoftEdge -stop
MicrosoftEdge
Accept a PID parameter too. If a PID is passed to the function, attempt should be made only to stop a process.
PS C:\> function StoopService ($service, [switch]$stop, [switch]$id){
>> $service
>> if ($stop) {Stop-Process -Name $service}
>> if ($id) {Stop-Process -Id $service}
>> }
