Windows reconnaissance commands



System


systeminfo
hostname
systeminfo | findstr /B /C:"OS Name" /c:"OS Version" /C:"System Type"
wmic qfe
wmic logicaldisk
wmic logicaldisk get caption,description

 

Users

whoami
whoami /priv
whoami /groups
net user
net user administrator
net localgroup
net localgroup administrators

 

Network

ipconfig /all
arp -a
route print
netstat -ano

 

Passwords

findstr /si password *.txt *.ini *.config

 

looting-for-passwords

 

Anti-virus

sc query windefend
sc queryex type= service
netsh advfirewall firewall dump
netsh firewall show state
netsh firewall show config