Windows PowerShell

MD MUNIF MUBTASHIMMD MUNIF MUBTASHIM
4 min read

Introduction

PowerShell is a powerful tool from Microsoft designed for task automation and configuration management. It combines a command-line interface and a scripting language built on the .NET framework. Unlike older text-based command-line tools, Power-Shell is object-oriented, which means it can handle complex data types and interact with system components more effectively. Initially exclusive to Windows, Power-Shell has lately expanded to support mac-OS and Linux, making it a versatile option for IT professionals across different operating systems.

A Brief History of PowerShell

PowerShell was developed by Microsoft to overcome the limitations of traditional Windows command-line tools like cmd.exe. Introduced in 2006, it offers an object-oriented approach using the .NET framework, enabling powerful automation and deeper integration with Windows systems. Created by Jeffrey Snover, PowerShell uses objects instead of plain text, making system management more efficient. In 2016, Microsoft released PowerShell Core—an open-source, cross-platform version for Windows, macOS, and Linux.

Basic Syntax: Verb-Noun

Get-Content →Retrieves (gets) the content of a file and displays it in the console.

-path

Set-Location →Changes (sets) the current working directory.

Basic Cmdlets

Get-Command→list all available cmdlets, functions, aliases, and scripts that can be executed in the current PowerShell session.

Get-Command -CommandType "Function"→to display only the available commands of type “function”.

Get-Help→provides detailed information about cmdlets, including usage, parameters, and examples.

Get-Alias→lists all aliases available.

dir is an alias for Get-ChildItem, and cd is an alias for Set-Location

Find-Module→to search for modules with a similar name.Example:Find-Module -Name "PowerShell*".

Install-Module→to download any module.Example:Install-Module -Name "PowerShellGet".

Get-ChildItem→lists the files and directories

-Path→to spacify location.

Set-Location→To navigate to a different directory

New-Item→To create an item in PowerShell

Remove-Item→removes both directories and files.

Copy-Item→copy or move files and directories.

Piping, Filtering, and Sorting Data

Piping is a technique used in command-line environments that allows the output of one command to be used as the input for another.In PowerShell, piping is even more powerful because it passes objects rather than just text.

Here, Get-ChildItem retrieves the files (as objects), and the pipe (|) sends those file objects to Sort-Object, which then sorts them by their Length (size) property.

Here, Where-Object filters the files by their Extension property, ensuring that only files with extension equal (-eq) to .txt are listed.

Select-Object→used to select specific properties from objects or limit the number of objects returned.

Comparison operators

  • -eq:”equal”.This operator used to check if two object are equal.

  • -ne: "not equal". This operator can be used to exclude objects from the results based on specified criteria.

  • -gt: "greater than". This operator will filter only objects which exceed a specified value. It is important to note that this is a strict comparison, meaning that objects that are equal to the specified value will be excluded from the results.

  • -ge: "greater than or equal to". This is the non-strict version of the previous operator. A combination of -gt and -eq.

  • -lt: "less than". Like its counterpart, "greater than", this is a strict operator. It will include only objects which are strictly below a certain value.

  • -le: "less than or equal to". Just like its counterpart -ge, this is the non-strict version of the previous operator. A combination of -lt and -eq.

  • -like:”matching”.that objects can also be filtered by selecting properties that match

System and Network Information

Get-ComputerInfo→provides a snapshot of the entire system configuration in a single command.

Get-LocalUser→lists all the local user accounts on the system. The default output displays, for each user, username, account status, and description.

Get-NetIPConfiguration→provides detailed information about the network interfaces on the system, including IP addresses, DNS servers, and gateway configurations.

Get-NetIPAddress→show details for all IP addresses configured on the system.

Real-Time System Analysis

Get-Process→provides a detailed view of all currently running processes, including CPU and memory usage, making it a powerful tool for monitoring and troubleshooting.

Get-Service→allows the retrieval of information about the status of services on the machine, such as which services are running, stopped, or paused. It is used extensively in troubleshooting by system administrators, but also by forensics analysts hunting for anomalous services installed on the system.

Get-NetTCPConnection→displays current TCP connections, giving insights into both local and remote endpoints.

Conclusion

PowerShell is more than just a command-line tool — it’s a powerful scripting environment designed for automation and system administration. By working with objects instead of plain text, PowerShell enables more precise, efficient, and scalable management of Windows systems. Whether you're a beginner or an IT professional, learning PowerShell equips you with essential skills to streamline tasks, boost productivity, and gain deeper control over your system environment.

0
Subscribe to my newsletter

Read articles from MD MUNIF MUBTASHIM directly inside your inbox. Subscribe to the newsletter, and don't miss out.

PowershellWindowssysadminautomationScriptingWindows Powershellcommand line

Written by

MD MUNIF MUBTASHIM
MD MUNIF MUBTASHIM

CSE student | Cybersecurity Learner | Red Team Path | Blogging my CTF & hacking journey .