Internal Infrastructure Pentest - List of Commands
Commands for Initial Investigation
- tasklist
- TASKLIST
- TASKLIST /M
- TASKLIST /V /FO CSV
- TASKLIST /SVC /FO LIST
- TASKLIST /APPS /FI "STATUS eq RUNNING"
- TASKLIST /M wbem*
- TASKLIST /S system /FO LIST
- TASKLIST /S system /U domain\username /FO CSV /NH
- TASKLIST /S system /U username /P password /FO TABLE /NH
- TASKLIST /FI "USERNAME ne NT AUTHORITY\SYSTEM" /FI "STATUS eq running"
- ver
- ipconfig
- systeminfo
- net time
- netstat
- whoami
- net start
- qprocess
- query
Commands for Reconnaissance
- dir
- net view
- net view /all > hosts.txt
- ping
- net use
- type
- net user
- net user /domain > users.txt
- net localgroup
- net group
- net group "Domain Admins"
- net config
- net share
Commands to Spread Malware in a Network
- at
- reg
- wmic
- wusa
- netsh advfirewall
- sc
- rundll32