Gathering Information of the System
1. Network & System Information
Network Configuration:
ipconfig /all
→ View detailed network interface configurations (IP, DNS, etc.).arp -a
→ Display ARP cache (shows local network devices).route print
→ View the system's routing table.
Service Information:
tasklist /svc
→ List all running processes along with their services.netstat -ano
→ Display active TCP/UDP connections and listening ports with process IDs.
System Info:
systeminfo
→ Get a comprehensive overview of the system (OS version, architecture, hotfixes, etc.).wmic product get name
→ List installed software via the command line.Get-WmiObject -Class Win32_Product | select Name, Version
→ List installed software via PowerShell.
2. User & Privilege Enumeration
Current User & Privileges:
whoami /priv
→ List current user privileges.whoami /groups
→ List group memberships for the current user.net user
→ Get a list of all user accounts.query user
→ Display logged-in users on the system.
Groups & Password Policies:
net localgroup
→ List all local groups.net localgroup "Backup Operators"
→ List users in the Backup Operators group.net accounts
→ View password policies and other account-related configurations.
3. Security Tools & Configuration
Windows Defender:
Get-MpComputerStatus
→ Check the status of Windows Defender (active, signatures, etc.).
AppLocker:
Get-AppLockerPolicy -Effective | select -ExpandProperty RuleCollections
→ List effective AppLocker rules.Test-AppLockerPolicy -Path C:\Windows\System32\cmd.exe -User Everyone
→ Test if a specific executable (cmd.exe) can be run for a specific user.
4. Named Pipes & Permission Enumeration
Listing Named Pipes:
pipelist.exe /accepteula
→ List all named pipes on the system.
Access Rights to Named Pipes:
accesschk.exe /accepteula \\.\Pipe\lsass -v
→ Check permissions for a specific named pipe (e.g., LSASS pipe).accesschk.exe /accepteula -w \\.\Pipe\SQLLocal\SQLEXPRESS01 -v
→ Check write access for a SQL pipe.
5. Environment Variables & Other Useful Commands
View Environment Variables:
set
→ Display environment variables for the current session.
Last updated