Get-Content -Path ".\big-treasure.
txt"
Get-ChildItem
Set-Location -Path ".\hidden-treasure-chest"
Set-Location ..
Get-LocalUser
Get-Command
Copy-Item -Path .\captain-cabin\captain-hat.txt -Destination .\captain-cabin\
captain-hat2.txt
Remove-Item -Path ".\captain-cabin\captain-wardrobe\captain-boots.txt"
Get-Process provides a detailed view of all currently running processes,
including CPU and memory usage, making it a powerful tool for monitoring
and troubleshooting.
Get-Service allows the retrieval of information about the status of services
on the machine, such as which services are running, stopped, or paused.
Get-NetTCPConnection To monitor active network connections, Get-
NetTCPConnection displays current TCP connections, giving insights into both
local and remote endpoints. This cmdlet is particularly handy during an
incident response or malware analysis task, as it can uncover hidden
backdoors or established connections towards an attacker-controlled server.
Get-FileHash -Path .\big-treasure.txt
Get-Help Invoke-Command -examples :: Invoke-Command is
essential for executing commands on remote systems, making it
fundamental for system administrators, security engineers and
penetration testers. Invoke-Command enables efficient remote
management and—combining it with scripting—automation of tasks
across multiple machines. It can also be used to execute payloads or
commands on target systems during an engagement by penetration
testers—or attackers alike.
