Information Gathering & Enumeration
System Information
# Using the tasklist command to look at running processes
tasklist /svc
# Display All Environment Variables
set
# View Detailed Configuration Information
systeminfo
# Patches and Updates via QFE (Quick Fix Engineering); wmic is deprecated on recent Windows releases, and Get-HotFix is the PowerShell equivalent
wmic qfe
Get-HotFix | ft -AutoSize
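# Installed Programs (Win32_Product lists only MSI-installed software; each query triggers a Windows Installer consistency check that is slow and logs MsiInstaller events in the Application log)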
wmic product get name
Get-WmiObject -Class Win32_Product | select Name, Version
# Display Active Network Connections and Listening Ports (the PID column maps back to the tasklist output)
netstat -ano
Network Information
# Interface(s), IP Address(es), DNS Information
ipconfig /all
# ARP Table
arp -a
# Routing Table
route print
# Display Active Network Connections
netstat -ano
# Listing Named Pipes with Pipelist
pipelist.exe /accepteula
# Additionally, we can use PowerShell to list named pipes using gci (Get-ChildItem)
gci \\.\pipe\
# Reviewing LSASS Named Pipe Permissions
accesschk.exe /accepteula \\.\Pipe\lsass -v
User & Group Information
# Logged-In Users
query user
# Current User
echo %USERNAME%
# Current User Privilege
whoami /priv
# Current User Group Information
whoami /groups
# Get All Users
net user
# Get All Groups
net localgroup
# Details About a Group
net localgroup administrators
# Get Password Policy & Other Account Information
net accounts
Enumerating Protections
# Check Windows Defender Status
Get-MpComputerStatus
# List AppLocker Rules
Get-AppLockerPolicy -Effective | select -ExpandProperty RuleCollections
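# Test AppLocker Policy (-Local evaluates only the locally configured policy; pipe Get-AppLockerPolicy -Effective instead to include GPO-applied rules)
Get-AppLockerPolicy -Local | Test-AppLockerPolicy -path C:\Windows\System32\cmd.exe -User Everyone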