PowerView

Powerview is a powerful powershell script from powershell empire that can be used for enumerating a domain after you have already gained a shell in the system.

CheatSheet with commands to use with PowerView: https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

Import PowerView.ps1

Start Powershell (powershell -ep bypass) -ep bypasses the execution policy of powershell allowing you to easily run scripts.

Move .ps1 file on the system and import it:

. .\Downloads\PowerView.ps1

Help about a command

get-help <COMMAND>
get-help Get-NetComputer

Enumerate Domain Users

Get-NetUser | Select cn

Enumerate Domain Groups

Get-NetGroup

Get-NetGroup -GroupName *admin*

Enumerate shared folders in Domain

Invoke-ShareFinder

Enumerate Computers in Domain

Get-NetComputer -FullData

PreviousBloodHound NextCheatSheet of Commands

Last updated 7 days ago