PowerView

Powerview is a powerful powershell script from powershell empire that can be used for enumerating a domain after you have already gained a shell in the system.

PowerSploit/Recon/PowerView.ps1 at dev · PowerShellMafia/PowerSploitGitHub

PowerView/SharpView - HackTricksbook.hacktricks.xyz

CheatSheet with commands to use with PowerView: https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

PowerView: Active Directory Enumeration | Red Team Noteswww.ired.team

Import PowerView.ps1

Start Powershell (powershell -ep bypass) -ep bypasses the execution policy of powershell allowing you to easily run scripts.

Move .ps1 file on the system and import it:

. .\Downloads\PowerView.ps1

Help about a command

get-help <COMMAND>
get-help Get-NetComputer

README - PowerSploitpowersploit.readthedocs.io

Enumerate Domain Users

Get-NetUser | Select cn

Enumerate Domain Groups

Get-NetGroup

Get-NetGroup -GroupName *admin*

Enumerate shared folders in Domain

Invoke-ShareFinder

Enumerate Computers in Domain

Get-NetComputer -FullData

PreviousBloodHound NextCheatSheet of Commands

Last updated 1 year ago