PowerShell
To check modules already loaded
To import active directory module
Domain info
To get user info
To get all groups:
Detailed group info:
To get group members:
PowerView or SharpView
Command | Description |
| Append results to a CSV file |
| Convert a User or group name to its SID value |
| Requests the Kerberos ticket for a specified Service Principal Name (SPN) account |
Domain/LDAP Functions: | |
| Will return the AD object for the current (or specified) domain |
| Return a list of the Domain Controllers for the specified domain |
| Will return all users or specific user objects in AD |
| Will return all computers or specific computer objects in AD |
| Will return all groups or specific group objects in AD |
| Search for all or specific OU objects in AD |
| Finds object ACLs in the domain with modification rights set to non-built in objects |
| Will return the members of a specific domain group |
| Returns a list of servers likely functioning as file servers |
| Returns a list of all distributed file systems for the current (or specified) domain |
GPO Functions: | |
| Will return all GPOs or specific GPO objects in AD |
| Returns the default domain policy or the domain controller policy for the current domain |
Computer Enumeration Functions: | |
| Enumerates local groups on the local or a remote machine |
| Enumerates members of a specific local group |
| Returns open shares on the local (or a remote) machine |
| Will return session information for the local (or a remote) machine |
| Tests if the current user has administrative access to the local (or a remote) machine |
Threaded 'Meta'-Functions: | |
| Finds machines where specific users are logged in |
| Finds reachable shares on domain machines |
| Searches for files matching specific criteria on readable shares in the domain |
| Find machines on the local domain where the current user has local administrator access |
Domain Trust Functions: | |
| Returns domain trusts for the current domain or a specified domain |
| Returns all forest trusts for the current forest or a specified forest |
| Enumerates users who are in groups outside of the user's domain |
| Enumerates groups with users outside of the group's domain and returns each foreign member |
| Will enumerate all trusts for the current domain and any others seen. |
Last updated