PowerView

Powerview is a powerful powershell script from powershell empire that can be used for enumerating a domain after you have already gained a shell in the system.

LogoPowerSploit/Recon/PowerView.ps1 at dev · PowerShellMafia/PowerSploitGitHub
LogoPowerView/SharpView - HackTricksbook.hacktricks.xyz

CheatSheet with commands to use with PowerView: https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

LogoPowerView: Active Directory Enumeration | Red Team Noteswww.ired.team

Import PowerView.ps1

Start Powershell (powershell -ep bypass) -ep bypasses the execution policy of powershell allowing you to easily run scripts.

Move .ps1 file on the system and import it:

. .\Downloads\PowerView.ps1

Help about a command

get-help <COMMAND>
get-help Get-NetComputer
LogoREADME - PowerSploitpowersploit.readthedocs.io

Enumerate Domain Users

Get-NetUser | Select cn

Enumerate Domain Groups

Get-NetGroup
Get-NetGroup -GroupName *admin*

Enumerate shared folders in Domain

Invoke-ShareFinder

Enumerate Computers in Domain

Get-NetComputer -FullData
PreviousBloodHoundNextCheatSheet of Commands

Last updated