My Windows CMD Cheat Sheet

These commands are run locally or, using psexec from the Sysinternals Suite to obtain a shell, remotely:

psexec \\remote_host cmd

The following list is a compilation of some of the most common commands.

Network

• Echo reply: ping 192.168.0.1
• View route to host: tracert 192.168.0.1
• Route to host with latency and network loss: pathping 192.168.0.1
• View network settings: ipconfig /all
• View TCP/UDP connections: netstat

Processes

• View running processes: tasklist
• View console processes: tasklist /FI “SESSIONNAME eq Console”
• View user processes: query process user
• Kill processes by name: taskkill /F /IM processname.exe
• Kill processes by PID: taskkill /F /PID XXX

Services

• Running services: net start

Users

• Username: echo %username%
• list users: query user
• list sessions: query session
• logoff by user: logoff sessionnumber
• logoff by session: logoff sessionname

Windows

• PC name: hostname
• Reboot immediately: shutdown -r -t 0
• Shutdown immediately: shutdown -s -t 0