PowerShell for Hackers

As I’m learning more PowerShell and dabbling in hacking, I will be composing a list of techniques and scripts that I find very beneficial for administration and pen-testing.


Linux Like Watch Command

System Running Processes

IP to Hostname

Is Server Virtual or Physical?

Lookup User Information

Change File Modified Date and Time

Find Apps Running on Port


Querying Databases


Domain Controllers

Downloading Files with PowerShell

PowerShell Reverse Shells
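The following are added examples for several of the sections listed above (not the original post's scripts). The function names are my own, the hypervisor string list is a heuristic, and the lookups assume a domain-joined host only where `-Domain` is used.

```powershell
# Linux-like "watch": re-run a script block every N seconds until Ctrl+C.
function Watch-Command {
    param([Parameter(Mandatory)][scriptblock]$ScriptBlock, [int]$Seconds = 2)
    while ($true) {
        Clear-Host
        "Every ${Seconds}s: $ScriptBlock    $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')`n"
        & $ScriptBlock | Out-String
        Start-Sleep -Seconds $Seconds
    }
}
# Watch-Command { Get-Process | Sort-Object CPU -Descending | Select-Object -First 10 }

# System running processes with owner and command line (Get-Process shows neither by default).
function Get-RunningProcessInfo {
    Get-CimInstance Win32_Process | ForEach-Object {
        $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwner
        [pscustomobject]@{
            PID         = $_.ProcessId
            Name        = $_.Name
            Owner       = if ($owner.User) { "$($owner.Domain)\$($owner.User)" } else { '' }
            CommandLine = $_.CommandLine
        }
    }
}

# IP to hostname via reverse DNS; returns the IP unchanged when there is no PTR record.
function Resolve-IPToHostname {
    param([Parameter(Mandatory)][string]$IPAddress)
    try { [System.Net.Dns]::GetHostEntry($IPAddress).HostName } catch { $IPAddress }
}

# Virtual or physical? Hypervisors advertise themselves in the manufacturer/model strings.
# The pattern is a heuristic assumption; a hypervisor that hides its identity will not match.
function Test-IsVirtualMachine {
    $cs    = Get-CimInstance Win32_ComputerSystem
    $model = "$($cs.Manufacturer) $($cs.Model)"
    [pscustomobject]@{
        Model     = $model
        IsVirtual = $model -match 'VMware|VirtualBox|Virtual Machine|KVM|QEMU|Xen|HVM domU|Parallels|Amazon EC2'
    }
}

# Lookup user information: a local account, or a domain account through ADSI (no RSAT needed).
function Get-UserInformation {
    param([Parameter(Mandatory)][string]$UserName, [switch]$Domain)
    if (-not $Domain) {
        return Get-LocalUser -Name $UserName | Select-Object Name, Enabled, LastLogon, PasswordLastSet
    }
    $searcher = [adsisearcher]"(&(objectCategory=user)(sAMAccountName=$UserName))"
    $result   = $searcher.FindOne()
    if ($result) {
        $p = $result.Properties
        [pscustomobject]@{
            SamAccountName    = [string]$p['samaccountname'][0]
            DistinguishedName = [string]$p['distinguishedname'][0]
            MemberOf          = @($p['memberof'])
            PwdLastSet        = if ($p['pwdlastset']) { [datetime]::FromFileTime([int64]$p['pwdlastset'][0]) }
        }
    }
}

# Domain controllers of the current domain, without the ActiveDirectory module.
function Get-DomainControllerList {
    [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().DomainControllers |
        Select-Object Name, IPAddress, SiteName
}

# Change a file's modified (and created/accessed) time so it blends into a directory listing.
function Set-FileModifiedTime {
    param([Parameter(Mandatory)][string]$Path, [Parameter(Mandatory)][datetime]$When)
    $item = Get-Item -LiteralPath $Path
    $item.CreationTime   = $When
    $item.LastWriteTime  = $When
    $item.LastAccessTime = $When
    Get-Item -LiteralPath $Path | Select-Object Name, CreationTime, LastWriteTime, LastAccessTime
}

# Find the app listening on a port (Get-NetTCPConnection needs Windows 8 / Server 2012 or newer).
function Get-AppOnPort {
    param([Parameter(Mandatory)][int]$Port)
    Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue | ForEach-Object {
        $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Port    = $_.LocalPort
            Address = $_.LocalAddress
            PID     = $_.OwningProcess
            Process = $proc.ProcessName
            Path    = $proc.Path
        }
    }
}
```

Note that the timestomp only rewrites the NTFS `$STANDARD_INFORMATION` timestamps that Explorer and `dir` display; the `$FILE_NAME` attribute keeps the true times, which is what a forensic examiner compares against.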




Loading Executables in PowerShell

An assembly loaded this way goes into the current AppDomain and stays there for the lifetime of the PowerShell process; .NET gives you no way to unload a single assembly from an AppDomain. So if you load the wrong build and need to start over, close that PowerShell session and open a new one.
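As an added example (not the post's own snippet), the following loads a .NET executable from disk or from memory, runs its entry point, and then shows the assembly sitting in the AppDomain afterwards. The path and the `--help` argument are assumptions.

```powershell
# Path is an assumption; point it at any managed EXE/DLL you want to load.
$AssemblyPath = 'C:\Tools\MyTool.exe'

# Option 1: load from disk. LoadFile keeps a handle on the file for the life of the process.
$asm = [System.Reflection.Assembly]::LoadFile($AssemblyPath)

# Option 2: load from bytes so nothing stays locked on disk (same AppDomain lifetime applies).
# $bytes = [System.IO.File]::ReadAllBytes($AssemblyPath)
# $asm   = [System.Reflection.Assembly]::Load($bytes)

# What came in: identity, entry point and public types.
$asm.FullName
$asm.EntryPoint
$asm.GetExportedTypes() | Select-Object FullName

# Run Main. A Main(string[] args) takes ONE parameter (the string[]), so the
# string[] must be wrapped in a one-element object[]; the unary comma does that.
if ($asm.EntryPoint) {
    if ($asm.EntryPoint.GetParameters().Count -eq 0) {
        $asm.EntryPoint.Invoke($null, $null)
    } else {
        $asm.EntryPoint.Invoke($null, (, [string[]]@('--help')))
    }
}

# The AppDomain now lists the assembly, and will until this process exits.
[AppDomain]::CurrentDomain.GetAssemblies() |
    Where-Object { $_.FullName -eq $asm.FullName } |
    Select-Object FullName, Location
```

Loading a second copy of the same assembly name does not replace the first one; the original stays resolved, which is the practical reason a fresh process is the only clean reset.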

Windows Exploit Suggester

Windows Exploit Suggester is a Python script, but the input it needs, the output of systeminfo, is gathered on the target with PowerShell or CMD.


Save that output to a file, move it to your attacking machine and feed it to Windows Exploit Suggester. It compares the installed hotfixes against Microsoft's security bulletin database and lists the missing patches that have public exploits, which is a fast way to find privilege-escalation candidates.
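The collection and hand-off, as an added example rather than the post's own commands. The file names and the database date are assumptions; the two Windows Exploit Suggester flags shown (`--update`, `--database`/`--systeminfo`) are the script's documented ones.

```powershell
# On the target: capture systeminfo to a plain ASCII file (PowerShell's default
# redirection writes UTF-16, which is not what the script expects).
systeminfo | Out-File -FilePath .\systeminfo.txt -Encoding ascii

# Sanity check before exfiltrating it: the script keys on the OS line and the KB list.
Get-Content .\systeminfo.txt | Select-String -Pattern '^OS (Name|Version)|KB\d+'

# If the "Hotfix(s):" block looks short or the machine runs a non-English locale,
# pull the hotfix list independently so you can compare it with what the script parsed.
Get-HotFix | Select-Object -ExpandProperty HotFixID | Sort-Object -Unique

# On the attacking box (Python 2 with xlrd), after copying systeminfo.txt over:
#   python windows-exploit-suggester.py --update
#   python windows-exploit-suggester.py --database 2020-02-06-mssb.xls --systeminfo systeminfo.txt
# Filter the output for local privilege escalation only:
#   python windows-exploit-suggester.py --database 2020-02-06-mssb.xls --systeminfo systeminfo.txt | grep -i elevation
```

Treat the result as a list of leads, not a verdict: the script only knows the patches systeminfo reports, so a superseded or rolled-up update can show as "missing" even when the vulnerability is fixed.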

PowerShell Frameworks & Tools

These are proven frameworks that can be used to reliably exploit a Windows environment.

Using Vim with PowerShell

First, you’ll need to install Vim. Download, run and install the file “gvim82.exe” (as of 02/06/2020)…


Once Vim is installed, run PowerShell as Administrator to configure the integration.
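One way to do that configuration from the elevated PowerShell session, as an added example (not the linked article's exact steps). The install path is the gVim 8.2 installer's default and is an assumption; adjust it if you installed elsewhere.

```powershell
# Where gvim82.exe put vim.exe (assumption).
$VimExe = 'C:\Program Files (x86)\Vim\vim82\vim.exe'
if (-not (Test-Path $VimExe)) { throw "vim.exe not found at $VimExe" }

# Profile scripts must be allowed to run; RemoteSigned keeps downloaded scripts blocked.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser -Force

# Create the per-user profile if it does not exist, then persist a "vim" alias in it.
if (-not (Test-Path $PROFILE)) { New-Item -ItemType File -Path $PROFILE -Force | Out-Null }
$AliasLine = "Set-Alias -Name vim -Value '$VimExe'"
if (-not (Select-String -Path $PROFILE -Pattern 'Set-Alias -Name vim' -Quiet)) {
    Add-Content -Path $PROFILE -Value $AliasLine
}

# Put Vim's folder on the user PATH as well so vim, gvim and vimdiff also work from cmd.exe.
$VimDir   = Split-Path $VimExe -Parent
$UserPath = [Environment]::GetEnvironmentVariable('Path', 'User')
if ($UserPath -notlike "*$VimDir*") {
    [Environment]::SetEnvironmentVariable('Path', "$UserPath;$VimDir", 'User')
}

# Apply to the current session and verify the alias resolves to the binary.
. $PROFILE
Get-Command vim | Select-Object Name, Definition
```

Changing the PATH through `[Environment]::SetEnvironmentVariable` only affects new processes; the `. $PROFILE` line is what makes `vim` available in the session you are already in.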

You can learn more from this article.