Back to course

Understanding Windows Command Prompt and PowerShell

Cyber Security Mastery: From Zero to Hero

Windows CLI Environments

Just like Linux, Windows requires command-line skills for administration, forensics, and running specialized tools.

1. Command Prompt (cmd.exe)

The older, simpler CLI based on MS-DOS.

  • Useful commands: ipconfig (check IP address), ping, netstat (view network connections).

2. PowerShell

PowerShell is a modern, cross-platform object-oriented shell and scripting language. It is far more powerful than cmd.

  • Features: Uses cmdlets (command-lets, e.g., Get-Process, Set-ExecutionPolicy).
  • Security Relevance: Attackers frequently use PowerShell for fileless malware and living-off-the-land techniques (using native tools to perform attacks), as it is often trusted by security systems.

Example PowerShell Command (Viewing active network connections):

powershell Get-NetTCPConnection | Where-Object {$_.State -eq "Established"}