My Windows CMD Cheat Sheet

Miguel Sampaio da Veiga
Hacker Toolbelt
Published in
1 min readFeb 28, 2019

These commands are run locally or, using psexec from the Sysinternals Suite to obtain a shell, remotely:

psexec \\remote_host cmd

The following list is a compilation of some of the most common commands.

Network

  • Echo reply: ping 192.168.0.1
  • View route to host: tracert 192.168.0.1
  • Route to host with latency and network loss: pathping 192.168.0.1
  • View network settings: ipconfig /all
  • View TCP/UDP connections: netstat

Processes

  • View running processes: tasklist
  • View console processes: tasklist /FI “SESSIONNAME eq Console”
  • View user processes: query process user
  • Kill processes by name: taskkill /F /IM processname.exe
  • Kill processes by PID: taskkill /F /PID XXX

Services

  • Running services: net start

Users

  • Username: echo %username%
  • list users: query user
  • list sessions: query session
  • logoff by user: logoff sessionnumber
  • logoff by session: logoff sessionname

Windows

  • PC name: hostname
  • Reboot immediately: shutdown -r -t 0
  • Shutdown immediately: shutdown -s -t 0

--

--