Command Quick Reference

# Computer info
Get-ComputerInfo
systeminfo

# OS version
Get-CimInstance Win32_OperatingSystem

# Hardware info
Get-CimInstance Win32_ComputerSystem

# BIOS info
Get-CimInstance Win32_BIOS

# CPU info
Get-CimInstance Win32_Processor

# Memory info
Get-CimInstance Win32_PhysicalMemory | Select-Object Capacity,Speed,Manufacturer

# Disk info
Get-PhysicalDisk
Get-Disk

# Local users
Get-LocalUser
New-LocalUser -Name "username"
Remove-LocalUser -Name "username"
Set-LocalUser -Name "username" -Password (ConvertTo-SecureString "password" -AsPlainText -Force)

# Local groups
Get-LocalGroup
Add-LocalGroupMember -Group "Administrators" -Member "username"
Get-LocalGroupMember -Group "Administrators"

# Domain users (requires AD module)
Get-ADUser -Identity username
Get-ADUser -Filter * -SearchBase "OU=Users,DC=domain,DC=com"

# List services
Get-Service
Get-Service | Where-Object {$_.Status -eq "Running"}

# Start/stop service
Start-Service -Name "ServiceName"
Stop-Service -Name "ServiceName"
Restart-Service -Name "ServiceName"

# Service status
Get-Service -Name "ServiceName"

# Set startup type
Set-Service -Name "ServiceName" -StartupType Automatic

# List processes
Get-Process
Get-Process | Sort-Object CPU -Descending | Select-Object -First 10

# Kill process
Stop-Process -Id 1234
Stop-Process -Name "notepad" -Force

# Start process
Start-Process notepad.exe

# IP configuration
Get-NetIPAddress
Get-NetIPConfiguration

# Set static IP
New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress 192.168.1.100 -PrefixLength 24 -DefaultGateway 192.168.1.1

# DNS settings
Get-DnsClientServerAddress
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses ("8.8.8.8","8.8.4.4")

# Test connectivity
Test-NetConnection google.com
Test-NetConnection -ComputerName server.com -Port 443

# Network adapters
Get-NetAdapter
Restart-NetAdapter -Name "Ethernet"

# List files
Get-ChildItem
Get-ChildItem -Recurse
Get-ChildItem -Path C:\Temp -Filter *.txt

# Copy/move/delete
Copy-Item source.txt destination.txt
Move-Item file.txt C:\Temp
Remove-Item file.txt

# Create directory
New-Item -ItemType Directory -Path C:\Temp\NewFolder

# Get file hash
Get-FileHash file.txt -Algorithm SHA256

# Search for files
Get-ChildItem -Path C:\ -Recurse -Filter "*.log" -ErrorAction SilentlyContinue

# Enable PSRemoting
Enable-PSRemoting -Force

# Remote session
Enter-PSSession -ComputerName SERVER01
$session = New-PSSession -ComputerName SERVER01

# Run command remotely
Invoke-Command -ComputerName SERVER01 -ScriptBlock {Get-Service}

# Copy files to remote
Copy-Item -Path C:\file.txt -Destination C:\Temp -ToSession $session

# System info
systeminfo
hostname
ver

# Environment variables
set
echo %COMPUTERNAME%
echo %USERNAME%

# Disk check
chkdsk C: /f
sfc /scannow
DISM /Online /Cleanup-Image /RestoreHealth

# Shutdown/restart
shutdown /s /t 0
shutdown /r /t 0
shutdown /a

# IP configuration
ipconfig
ipconfig /all
ipconfig /release
ipconfig /renew
ipconfig /flushdns

# Connectivity tests
ping google.com
ping -t google.com
tracert google.com
pathping google.com

# Network statistics
netstat -ano
netstat -b
netstat -r

# ARP cache
arp -a
arp -d

# Route table
route print
route add 10.0.0.0 mask 255.0.0.0 192.168.1.1

# Domain info
nltest /dclist:domain.com
nltest /dsgetdc:domain.com

# Trust relationships
nltest /domain_trusts

# Time sync
w32tm /query /status
w32tm /resync

# User info
whoami
whoami /all
whoami /groups

# OS info
uname -a
cat /etc/os-release
lsb_release -a

# Hardware info
lscpu
lsmem
lsblk
lspci
lsusb

# Uptime and load
uptime
top
htop

# Disk usage
df -h
du -sh /path

# User operations
useradd username
usermod -aG sudo username
userdel username
passwd username

# View users
cat /etc/passwd
who
w
last

# Switch user
su - username
sudo -i

# Navigation
ls -la
cd /path
pwd

# File operations
cp source dest
mv source dest
rm file
rm -rf directory

# Permissions
chmod 755 file
chmod +x script.sh
chown user:group file

# Search
find / -name "filename"
find /path -type f -mtime -7
grep -r "pattern" /path

# File content
cat file
less file
head -n 20 file
tail -f /var/log/syslog

# View processes
ps aux
ps aux | grep process
top
htop

# Kill processes (graceful to forceful escalation)
kill PID              # SIGTERM (15) - graceful shutdown, allows cleanup
kill -15 PID          # Same as above, explicit SIGTERM
kill -2 PID           # SIGINT (Ctrl+C equivalent)
kill -1 PID           # SIGHUP (reload config)
kill -9 PID           # SIGKILL - ONLY use as last resort! Forceful, no cleanup

# Kill by name
killall processname   # Send SIGTERM to all matching processes
pkill processname     # More flexible pattern matching

# Background jobs
command &
jobs
fg %1
bg %1

# systemd (modern)
systemctl status service
systemctl start service
systemctl stop service
systemctl restart service
systemctl enable service
systemctl disable service
systemctl list-units --type=service

# SysV init (older)
service service status
service service start
/etc/init.d/service restart

# IP configuration
ip addr show
ip addr add 192.168.1.100/24 dev eth0
ip route show
ip route add default via 192.168.1.1

# Legacy commands (still common)
ifconfig
ifconfig eth0 192.168.1.100 netmask 255.255.255.0
route -n

# Connectivity
ping -c 4 google.com
traceroute google.com
mtr google.com

# DNS
nslookup google.com
dig google.com
host google.com

# Ports and connections
ss -tulpn
netstat -tulpn
lsof -i :80

apt update
apt upgrade
apt install package
apt remove package
apt search package
apt list --installed

yum update
yum install package
yum remove package
yum search package
yum list installed

pacman -Syu
pacman -S package
pacman -R package
pacman -Ss package

# Common log locations
/var/log/syslog          # System logs (Debian/Ubuntu)
/var/log/messages        # System logs (RHEL/CentOS)
/var/log/auth.log        # Authentication logs
/var/log/apache2/        # Apache logs
/var/log/nginx/          # Nginx logs

# View logs
tail -f /var/log/syslog
journalctl -f
journalctl -u service.service
journalctl --since "1 hour ago"

# Disk usage
df -h
du -sh *

# Mount/unmount
mount /dev/sdb1 /mnt
umount /mnt
mount -a

# Check filesystem
fsck /dev/sdb1
e2fsck /dev/sdb1

# Create filesystem
mkfs.ext4 /dev/sdb1
mkfs.xfs /dev/sdb1

# tar
tar -czf archive.tar.gz /path
tar -xzf archive.tar.gz
tar -tzf archive.tar.gz

# zip
zip -r archive.zip /path
unzip archive.zip

# gzip
gzip file
gunzip file.gz

# Basic info
show version
show running-config
show startup-config

# Interfaces
show ip interface brief
show interfaces status
show interfaces GigabitEthernet0/1

# Routing
show ip route
show ip protocols
show ip ospf neighbor
show ip bgp summary

# VLANs
show vlan brief
show interfaces trunk
show vlan id 10

# Switching
show mac address-table
show spanning-tree

# Save config
copy running-config startup-config
write memory

# DNS tools
nslookup domain.com
dig domain.com
dig @8.8.8.8 domain.com
host domain.com

# WHOIS
whois domain.com
whois 8.8.8.8

# HTTP testing
curl https://example.com
curl -I https://example.com
wget https://example.com

# Port scanning
nmap -sT target
nmap -sS target
nmap -p 1-1000 target

# Packet capture
tcpdump -i eth0
tcpdump -i eth0 port 80
tcpdump -i eth0 -w capture.pcap

# SSL/TLS testing
openssl s_client -connect example.com:443

-- Connect
mysql -u root -p
mysql -h hostname -u username -p database

-- Database operations
SHOW DATABASES;
CREATE DATABASE dbname;
USE dbname;
DROP DATABASE dbname;

-- Table operations
SHOW TABLES;
DESCRIBE tablename;
SELECT * FROM tablename LIMIT 10;

-- User management
CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON dbname.* TO 'username'@'localhost';
FLUSH PRIVILEGES;

-- Backup/Restore
mysqldump -u root -p database > backup.sql
mysql -u root -p database < backup.sql

-- Connect
psql -U username -d database
psql -h hostname -U username database

-- Database operations
\l                    -- List databases
\c database          -- Connect to database
CREATE DATABASE dbname;

-- Table operations
\dt                   -- List tables
\d tablename         -- Describe table
SELECT * FROM tablename LIMIT 10;

-- User management
CREATE USER username WITH PASSWORD 'password';
GRANT ALL PRIVILEGES ON DATABASE dbname TO username;

# Container operations
docker ps
docker ps -a
docker run -d nginx
docker stop container_id
docker start container_id
docker restart container_id
docker rm container_id
docker logs container_id
docker exec -it container_id /bin/bash

# Image operations
docker images
docker pull image:tag
docker build -t myimage .
docker rmi image_id
docker tag source:tag target:tag

# System operations
docker system df
docker system prune
docker volume ls
docker network ls

# Docker Compose
docker-compose up -d
docker-compose down
docker-compose ps
docker-compose logs -f

# Repository setup
git init
git clone https://github.com/user/repo.git

# Basic workflow
git status
git add file
git add .
git commit -m "message"
git push origin main
git pull

# Branching
git branch
git branch new-branch
git checkout branch-name
git checkout -b new-branch
git merge branch-name

# History
git log
git log --oneline
git diff
git show commit-hash

# Undo changes
git reset HEAD file
git checkout -- file
git revert commit-hash

# Find large files
Get-ChildItem -Recurse | Sort-Object Length -Descending | Select-Object -First 10 Name,@{Name="MB";Expression={$_.Length/1MB}}

# Get installed software
Get-WmiObject -Class Win32_Product | Select-Object Name,Version

# Check Windows activation
slmgr /xpr

# View event log errors
Get-EventLog -LogName System -EntryType Error -Newest 10

# Find large files
find / -type f -size +100M 2>/dev/null

# Check disk I/O
iostat -x 1

# Network connections by count
netstat -an | awk '{print $6}' | sort | uniq -c

# Check who's logged in
w

# Find files modified today
find /path -type f -mtime 0

# Check open files by process
lsof -p PID