



Company Profile:
Secugenius Security Solutions is a student entrepreneurial company started by 2 social student entrepreneurs in 2010 with the aim of making our country free of cyber crime. We at Secugenius are headquartered at Ludhiana, the Manchester of Punjab. The main activities of Secugenius Security Solutions are providing training in information security and various professional courses. Secugenius Security Solutions is an organization which believes in inventing and implementing new ideas to influence the technological minds of youngsters.

In view of the number of cyber crimes over the last many years, we at Secugenius Security Solutions provide training on ethical hacking and cyber security to students, IT professionals, bank employees and police officials. Secugenius conducts workshops in all parts of the country in various colleges and institutions for the benefit of students, making them aware of the latest trends in the technological era of the computer age. We believe in spreading knowledge to all the youngsters and growing minds of the nation so that they can serve the nation with perfect skill sets in the field of cyber crime investigation and forensic sciences.

Secugenius provides various security solutions to its clients by securing their websites from cyber attacks. We provide training to college students, graduates and professionals in various fields. Education is delivered to students through two modes, regular mode and distance mode, which are available as short-term and long-term courses. In the workshops conducted by Secugenius, participants are trained by highly experienced and skilled corporate trainers from different parts of the nation. We believe in making the base of students as strong as possible. All the modules have been designed to provide students with specialized knowledge from specialized trainers.

This library was furnished, managed and funded by the Founders and Directors of Secugenius, Er. Harpreet Khattar & Er. Kshitij Adhlakha. The overall resource person for the content of the series of this Digital Library is Er. Chetan Soni - Sr. Security Specialist, Secugenius Security Solutions.

This Online Digital Library has been initiated as a free resource & permanent resource on specialization basis for every student of Team Secugenius.

Windows Command Line Cheat Sheet Commands

Product ID No: SG/ODL/13041
Founder & Director: Harpreet Khattar & Kshitij Adhlakha
Resource Person: Chetan Soni & Annu Raj
Secugenius Security Solutions, SCO-13A, Model Town Extn, Near Krishna Mandir, Ludhiana-141002, Punjab, India


Chapter 1 - System Commands
1. Whoami: -- Lists your current user. Not present in all versions of Windows, but present in Windows NT 6.0-6.1.

2. Whoami /all: -- Lists the current user and its SID, the groups the current user is a member of and their SIDs, as well as the current privilege level.

3. Set: -- Shows all current environment variables. Specific ones to look for are USERDOMAIN, USERNAME, USERPROFILE, HOMEPATH, LOGONSERVER, COMPUTERNAME, APPDATA, and ALLUSERPROFILE.

4. fsutil fsinfo drives:-- Must be an administrator to run this, but it lists the current drives on the system.

Chapter 2 - Networking commands

1. ipconfig /all: -- Displays the full information about your NICs.

2. Ipconfig /displaydns: -- Displays your local DNS cache.


3. netstat -nabo:-- Lists ports / connections with corresponding process (-b), don't perform lookups (-n), all connections (-a) and owning process ID (-o).

4. netstat -r:-- Displays the routing table.

5. netstat -na | findstr :445:-- Find all listening ports and connections on port 445.

6. netstat -nao | findstr LISTENING:-- Find all LISTENING ports and their associated PIDs.

7. net view:-- Queries NBNS/SMB (SAMBA) and tries to find all hosts in your current workgroup or

8. net view /domain:-- List all domains available to the host.

9. net accounts:-- Prints the password policy for the local system. This can be different and
superseded by the domain policy.

10. net localgroup administrators: -- Prints the members of the Administrators local group

11. Net share: -- Displays your currently shared SMB entries, and what path(s) they point to.

12. arp -a:-- Lists all the systems currently in the machine's ARP table.

13. route print:-- Prints the machine's routing table. This can be good for finding other networks and
static routes that have been put in place.

14. netsh wlan show profiles:-- Shows all saved wireless profiles. You may then export the info for
those profiles with the command below.

15. netsh wlan export profile folder=. key=clear:-- Exports a user Wi-Fi profile with the password
in plaintext to an XML file in the current working directory.

16. wmic ntdomain list:--- Retrieve information about Domain and Domain Controller.
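
As an added example (not part of the original cheat sheet), the following Python parses the output that items 5 and 6 filter with findstr, so listeners can be grouped by owning PID and checked for binding to all interfaces. The sample output, addresses and PIDs are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of `netstat -nao` output (illustrative, not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2216
  TCP    192.168.1.20:49712     192.168.1.5:445        ESTABLISHED     4
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1480
"""

def parse_netstat(text):
    """Return one dict per TCP/UDP row; UDP rows carry no State column."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            proto, local, remote, state, pid = f
        elif len(f) == 4 and f[0] == "UDP":
            proto, local, remote, pid = f
            state = ""
        else:
            continue  # banner, column header and blank lines
        host, _, port = local.rpartition(":")  # keeps IPv6 "[::]" intact
        rows.append({"proto": proto, "host": host, "port": int(port),
                     "remote": remote, "state": state, "pid": int(pid)})
    return rows

def listeners_by_pid(text):
    """Equivalent of `netstat -nao | findstr LISTENING`, grouped by PID."""
    ports = defaultdict(set)
    for r in parse_netstat(text):
        if r["state"] == "LISTENING":
            ports[r["pid"]].add(r["port"])
    return {pid: sorted(p) for pid, p in ports.items()}

def exposed_listeners(text):
    """Listeners bound to every interface (0.0.0.0 or [::]), not loopback."""
    return sorted({(r["port"], r["pid"]) for r in parse_netstat(text)
                   if r["state"] == "LISTENING" and r["host"] in ("0.0.0.0", "[::]")})

if __name__ == "__main__":
    print(listeners_by_pid(SAMPLE))
    print(exposed_listeners(SAMPLE))
```
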

Chapter 3 - WMI
1. Wmic bios:---

2. wmic qfe get hotfixid

3. wmic startup

4. wmic service

5. wmic process get caption,executablepath,commandline

6. wmic process call create "process_name" (executes a program)

7. wmic process where name="process_name" call terminate (terminates program)

8. wmic logicaldisk where drivetype=3 get name, freespace, systemname, filesystem, size, volumeserialnumber (hard drive information)

9. wmic useraccount (usernames, SID, and various security-related goodies)

10. wmic useraccount get /ALL

11. wmic share get /ALL (you can use ? to get help)

12. wmic startup list full (this can be a huge list!)

Chapter 4 - Alerting commands.

1. net user hacker hacker /add:--- Creates a new local (to the victim) user called hacker with the password of hacker.

Chapter 5 - Config commands

1. echo %COMSPEC%:--- Usually going to be cmd.exe in the Windows directory, but it's good to know for sure.

2. gpresult /z:-- Extremely verbose output of GPO (Group policy) settings as applied to the current system and use

3. sc sq:--

4. sc query:--

5. c:\windows\system32\gathernetworkinfo.vbs:-- Enumerates registry, firewall config, DNS cache, etc.






Chapter 6 - Binary planting

1. msiexec.exe:--- Basically, put an evil binary named msiexec.exe in the Downloads directory; when an
installer calls msiexec without specifying the path, you get code execution.
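
A defender-side check for the condition described above, as an added example that is not part of the original cheat sheet: it flags executables in a user-writable folder whose names collide with binaries in the system directory. The folder layout and file contents are constructed in a temporary directory; on a real host the two arguments would be the user's Downloads folder and the Windows system directory.

```python
import hashlib
import os
import tempfile

def sha256(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def find_planted(user_dir, system_dir):
    """Flag executables in user_dir whose file name collides with one in system_dir.

    Windows file names are case-insensitive, so names are compared lowercased.
    """
    system = {n.lower(): os.path.join(system_dir, n)
              for n in os.listdir(system_dir) if n.lower().endswith(".exe")}
    findings = []
    for name in sorted(os.listdir(user_dir)):
        match = system.get(name.lower())
        if match is None:
            continue
        same = sha256(os.path.join(user_dir, name)) == sha256(match)
        findings.append((name, "identical to system copy" if same
                         else "same name, different content"))
    return findings

def demo():
    """Build a constructed System32/Downloads pair in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as root:
        layout = {  # constructed sample files, not real binaries
            "System32/msiexec.exe": b"genuine installer service",
            "System32/cmd.exe": b"genuine shell",
            "Downloads/MSIEXEC.EXE": b"something else entirely",
            "Downloads/cmd.exe": b"genuine shell",
            "Downloads/setup.exe": b"vendor installer",
        }
        for rel, data in layout.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        return find_planted(os.path.join(root, "Downloads"),
                            os.path.join(root, "System32"))

if __name__ == "__main__":
    for name, reason in demo():
        print(f"{name}: {reason}")
```

On the installer side, the fix is to invoke msiexec by its absolute path so the name is never resolved from the directory the installer was launched from.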

Chapter 7 - Networking commands

1. arp -a:--- Lists all the systems currently in the machine's ARP table.

Chapter 8 - Finding important files

1. tree C:\ /f /a > C:\output_of_tree.txt:--- Prints a directory listing in tree format. The /a
makes the tree printed with ASCII characters instead of special ones and the /f displays file names as well as folders.

2. dir /a:--

3. dir /b /s [Directory or Filename]

4. dir \ /s /b | find /I "searchstring"

5. command | find /c /v ""