From ce5479c633fb0b997708141c4a9717f530947294 Mon Sep 17 00:00:00 2001
From: adminx <ali@swordrock.com>
Date: Wed, 11 Mar 2026 11:27:43 +0000
Subject: [PATCH] Add PowerShell_Guide.md

---
 PowerShell_Guide.md | 504 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 504 insertions(+)
 create mode 100644 PowerShell_Guide.md

diff --git a/PowerShell_Guide.md b/PowerShell_Guide.md
new file mode 100644
index 0000000..01f53f8
--- /dev/null
+++ b/PowerShell_Guide.md
@@ -0,0 +1,504 @@
+# Windows PowerShell Guide & Cheat Sheet
+
+A practical guide for new users learning **Windows PowerShell**.
+
+This document covers:
+
+-   Basic PowerShell concepts
+-   Command discovery
+-   Navigation and file management
+-   Processes and services
+-   Networking commands
+-   Pipelines and filtering
+-   Script execution
+-   Best practices
+-   A quick reference cheat sheet
+
+PowerShell is object-based, meaning commands return **structured objects
+instead of plain text**, making automation and filtering far more
+powerful than traditional shells.
+
+------------------------------------------------------------------------
+
+# Table of Contents
+
+-   [1. Getting Started](#1-getting-started)
+-   [2. Discovering Commands](#2-discovering-commands)
+-   [3. Navigation](#3-navigation)
+-   [4. Files and Folders](#4-files-and-folders)
+-   [5. Processes](#5-processes)
+-   [6. Services](#6-services)
+-   [7. System Information](#7-system-information)
+-   [8. Networking Commands](#8-networking-commands)
+-   [9. Event Logs](#9-event-logs)
+-   [10. The PowerShell Pipeline](#10-the-powershell-pipeline)
+-   [11. Filtering and Selecting Data](#11-filtering-and-selecting-data)
+-   [12. Script Execution](#12-script-execution)
+-   [13. Basic Scripting](#13-basic-scripting)
+-   [14. Useful Aliases](#14-useful-aliases)
+-   [15. Troubleshooting Commands](#15-troubleshooting-commands)
+-   [16. Best Practices](#16-best-practices)
+-   [17. Quick Cheat Sheet](#17-quick-cheat-sheet)
+
+------------------------------------------------------------------------
+
+# 1. Getting Started
+
+Open PowerShell from the Start menu by searching **PowerShell**.
+
+Run as Administrator when performing system tasks.
+
+## Check PowerShell Version
+
+``` powershell
+$PSVersionTable
+```
+
+## Command Structure
+
+PowerShell commands follow the format:
+
+    Verb-Noun
+
+Examples:
+
+``` powershell
+Get-Process
+Get-Service
+Set-Location
+New-Item
+Remove-Item
+```
+
+------------------------------------------------------------------------
+
+# 2. Discovering Commands
+
+### Get help for a command
+
+``` powershell
+Get-Help Get-Service
+```
+
+### Show examples
+
+``` powershell
+Get-Help Get-Service -Examples
+```
+
+### Show detailed help
+
+``` powershell
+Get-Help Get-Service -Detailed
+```
+
+### Update help files
+
+``` powershell
+Update-Help
+```
+
+### Find commands
+
+``` powershell
+Get-Command *service*
+Get-Command *event*
+```
+
+### Inspect objects
+
+``` powershell
+Get-Service | Get-Member
+```
+
+------------------------------------------------------------------------
+
+# 3. Navigation
+
+### Current location
+
+``` powershell
+Get-Location
+```
+
+### Change directory
+
+``` powershell
+Set-Location C:\Temp
+cd C:\Temp
+```
+
+### Go up a directory
+
+``` powershell
+cd ..
+```
+
+### Home directory
+
+``` powershell
+cd ~
+```
+
+### List files
+
+``` powershell
+Get-ChildItem
+```
+
+Aliases:
+
+    dir
+    ls
+
+### Show hidden files
+
+``` powershell
+Get-ChildItem -Force
+```
+
+### Recursive listing
+
+``` powershell
+Get-ChildItem -Recurse
+```
+
+------------------------------------------------------------------------
+
+# 4. Files and Folders
+
+### Create folder
+
+``` powershell
+New-Item -Path C:\Temp\TestFolder -ItemType Directory
+```
+
+### Create file
+
+``` powershell
+New-Item -Path C:\Temp\test.txt -ItemType File
+```
+
+### Copy files
+
+``` powershell
+Copy-Item C:\Temp\file.txt C:\Backup\
+```
+
+### Copy folder recursively
+
+``` powershell
+Copy-Item C:\Temp\Folder C:\Backup\ -Recurse
+```
+
+### Move file
+
+``` powershell
+Move-Item C:\Temp\file.txt C:\Archive\
+```
+
+### Rename
+
+``` powershell
+Rename-Item file.txt newfile.txt
+```
+
+### Delete
+
+``` powershell
+Remove-Item file.txt
+```
+
+### Delete folder
+
+``` powershell
+Remove-Item Folder -Recurse -Force
+```
+
+### Read file
+
+``` powershell
+Get-Content file.txt
+```
+
+### Tail logs
+
+``` powershell
+Get-Content log.txt -Tail 50
+```
+
+### Watch logs
+
+``` powershell
+Get-Content log.txt -Wait
+```
+
+------------------------------------------------------------------------
+
+# 5. Processes
+
+``` powershell
+Get-Process
+Get-Process notepad
+Start-Process notepad
+Stop-Process -Name notepad
+Stop-Process -Id 1234 -Force
+```
+
+------------------------------------------------------------------------
+
+# 6. Services
+
+``` powershell
+Get-Service
+Get-Service spooler
+Start-Service spooler
+Stop-Service spooler
+Restart-Service spooler
+```
+
+------------------------------------------------------------------------
+
+# 7. System Information
+
+``` powershell
+Get-ComputerInfo
+Get-CimInstance Win32_OperatingSystem
+Get-CimInstance Win32_BIOS
+Get-CimInstance Win32_ComputerSystem
+Get-Disk
+Get-Volume
+```
+
+------------------------------------------------------------------------
+
+# 8. Networking Commands
+
+``` powershell
+Get-NetIPAddress
+Get-NetAdapter
+Get-DnsClientServerAddress
+Test-Connection google.com
+Test-NetConnection google.com -Port 443
+Resolve-DnsName google.com
+```
+
+------------------------------------------------------------------------
+
+# 9. Event Logs
+
+``` powershell
+Get-EventLog -List
+Get-EventLog -LogName System -Newest 20
+Get-WinEvent -LogName System -MaxEvents 20
+Get-WinEvent -LogName System | Where-Object LevelDisplayName -eq "Error"
+```
+
+------------------------------------------------------------------------
+
+# 10. The PowerShell Pipeline
+
+``` powershell
+Get-Process | Sort-Object CPU -Descending
+Get-Service | Where-Object Status -eq Running
+
+Get-Process |
+Select-Object Name, Id, CPU |
+Export-Csv processes.csv -NoTypeInformation
+```
+
+------------------------------------------------------------------------
+
+# 11. Filtering and Selecting Data
+
+``` powershell
+Get-Service | Select-Object Name, Status
+Get-Process | Where-Object CPU -gt 100
+Get-Process | Sort-Object CPU -Descending
+Get-Process | Select-Object -First 10
+(Get-Service).Count
+```
+
+------------------------------------------------------------------------
+
+# 12. Script Execution
+
+``` powershell
+Get-ExecutionPolicy
+Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
+.\script.ps1
+powershell.exe -ExecutionPolicy Bypass -File script.ps1
+```
+
+------------------------------------------------------------------------
+
+# 13. Basic Scripting
+
+### Variables
+
+``` powershell
+$name = "Server01"
+```
+
+### If example
+
+``` powershell
+if ($name -eq "Server01") {
+    Write-Host "Match found"
+}
+```
+
+### Loop
+
+``` powershell
+$services = "spooler","w32time"
+
+foreach ($service in $services) {
+    Get-Service $service
+}
+```
+
+### Function
+
+``` powershell
+function Get-ServiceStatus {
+    param ($Name)
+    Get-Service $Name
+}
+```
+
+------------------------------------------------------------------------
+
+# 14. Useful Aliases
+
+  Alias   Command
+  ------- ---------------
+  dir     Get-ChildItem
+  ls      Get-ChildItem
+  cd      Set-Location
+  pwd     Get-Location
+  cat     Get-Content
+  cp      Copy-Item
+  mv      Move-Item
+  rm      Remove-Item
+  ps      Get-Process
+  cls     Clear-Host
+
+``` powershell
+Get-Alias
+```
+
+------------------------------------------------------------------------
+
+# 15. Troubleshooting Commands
+
+``` powershell
+Get-Service | Where-Object Status -eq Running
+
+Get-Service |
+Where-Object {
+ $_.StartType -eq "Automatic" -and $_.Status -ne "Running"
+}
+
+Get-Volume
+Get-WinEvent -LogName System -MaxEvents 50
+Get-NetTCPConnection -State Listen
+Test-NetConnection server01 -Port 3389
+```
+
+------------------------------------------------------------------------
+
+# 16. Best Practices
+
+### Use full command names
+
+Prefer:
+
+    Get-ChildItem
+
+Instead of:
+
+    ls
+
+### Test dangerous commands
+
+``` powershell
+Remove-Item C:\Temp\OldLogs\* -WhatIf
+```
+
+### Prefer CIM over WMI
+
+``` powershell
+Get-CimInstance Win32_OperatingSystem
+```
+
+### Log sessions
+
+``` powershell
+Start-Transcript C:\Temp\powershell.log
+Stop-Transcript
+```
+
+------------------------------------------------------------------------
+
+# 17. Quick Cheat Sheet
+
+### Navigation
+
+``` powershell
+Get-Location
+Set-Location C:\Temp
+Get-ChildItem
+```
+
+### Files
+
+``` powershell
+New-Item -ItemType File test.txt
+Copy-Item test.txt C:\Backup\
+Remove-Item test.txt
+```
+
+### Processes
+
+``` powershell
+Get-Process
+Stop-Process notepad
+```
+
+### Services
+
+``` powershell
+Get-Service
+Restart-Service spooler
+```
+
+### Networking
+
+``` powershell
+Get-NetIPAddress
+Test-NetConnection google.com -Port 443
+Resolve-DnsName google.com
+```
+
+### Help
+
+``` powershell
+Get-Help Get-Service
+Get-Command *network*
+Get-Member
+```
+
+------------------------------------------------------------------------
+
+# Recommended Learning Path
+
+1.  Learn **Get-Help**
+2.  Understand **pipelines**
+3.  Learn **Where-Object and Select-Object**
+4.  Practice **system queries**
+5.  Start writing **small scripts**
+6.  Automate real admin tasks
+
+PowerShell becomes powerful when commands are combined into automation
+pipelines.