Windows cmd.exe — Quick Reference
Location: C:\Windows\System32\cmd.exe
Miscellaneous
| Command |
Action |
certutil -encode <file> <output> |
Base64‑encode a file to <output> |
findstr /I /C:"<pattern>" |
Filter output for a string |
| Command |
Action |
hostname |
Show computer name |
shutdown /r /t 10 && exit |
Restart in 10 seconds and exit the shell |
wmic qfe get Caption,Description,HotFixID,InstalledOn |
List installed updates (hotfixes) |
systeminfo |
Show OS Information (Ex. name, version, and architecture) |
driverquery /v |
Enumerate installed drivers (verbose) |
net statistics workstation |
Workstation service statistics since last boot |
net statistics server |
Server service statistics since last boot |
Applications & Services
| Command |
Action |
tasklist |
List running processes |
tasklist /svc |
Map processes to hosted services |
Users & Groups
| Command |
Action |
whoami |
Show current user |
echo %username% |
Show current username (env var) |
net user |
List local user accounts |
net user <username> |
Details for a local user |
net user /domain |
List domain users (if joined) |
net localgroup Administrators |
List local administrators |
net group |
List local groups (on server editions) |
net group /domain |
List domain groups (if joined) |
net accounts |
Show password and lockout policy |
net user <username> <password> /add |
Create a local user |
net user <username> <password> /add /domain |
Create a domain user (if permitted) |
net user <username> <password> |
Change a user’s password |
net group "<Group Name>" |
Show members of a (domain) group |
net group "<Group Name>" <user> /add |
Add user to a local/domain group (context dependent) |
net group "<Group Name>" <user> /add /domain |
Add user to a domain group |
net localgroup administrators <username> /add |
Add user to local Administrators |
File System
| Command |
Action |
copy con C:\file.txt |
Create/edit a text file from console (end with Ctrl+Z, Enter) |
dir <pattern> |
List files matching pattern in current directory |
dir /s <pattern> |
Search recursively for files matching pattern |
dir /r <path> |
Display alternate data streams (ADS) |
where <file> |
Find file(s) in PATH |
where /R C:\ <file> |
Recursively search for a file from C:\ |
net use <drive>: \\<server>\<share> |
Map an SMB share to a drive letter |
mountvol |
List mounted and available volumes |
cipher /c <file> |
Display EFS encryption info for a file |
icacls <file> |
Show file or directory ACLs (modern) |
icacls <file> /grant <user>:F |
Grant full control to a user (modern) |
icacls <file> /remove <user> |
Remove a user’s access (modern) |
cacls <file> |
Show ACLs (legacy, deprecated) |
cacls <file> /e /p <user>:F |
Grant full control (legacy, deprecated) |
cacls <file> /e /r <user> |
Remove access (legacy, deprecated) |
Networking
| Command |
Action |
netstat -ano |
Show open connections/ports with PIDs |
ipconfig /all |
Detailed network configuration |
netsh advfirewall show currentprofile |
Show active firewall profile |
netsh advfirewall firewall show rule name=all |
List all firewall rules |
Firewall
| Command |
Action |
netsh advfirewall set allprofiles state off |
Disable Windows Firewall (modern) |
netsh firewall set opmode disable |
Disable Windows Firewall (legacy) |
net stop mpssvc |
Stop Windows Firewall service |