# Windows PowerShell Guide & Cheat Sheet A practical guide for new users learning **Windows PowerShell**. This document covers: - Basic PowerShell concepts - Command discovery - Navigation and file management - Processes and services - Networking commands - Pipelines and filtering - Script execution - Best practices - A quick reference cheat sheet PowerShell is object-based, meaning commands return **structured objects instead of plain text**, making automation and filtering far more powerful than traditional shells. ------------------------------------------------------------------------ # Table of Contents - [1. Getting Started](#1-getting-started) - [2. Discovering Commands](#2-discovering-commands) - [3. Navigation](#3-navigation) - [4. Files and Folders](#4-files-and-folders) - [5. Processes](#5-processes) - [6. Services](#6-services) - [7. System Information](#7-system-information) - [8. Networking Commands](#8-networking-commands) - [9. Event Logs](#9-event-logs) - [10. The PowerShell Pipeline](#10-the-powershell-pipeline) - [11. Filtering and Selecting Data](#11-filtering-and-selecting-data) - [12. Script Execution](#12-script-execution) - [13. Basic Scripting](#13-basic-scripting) - [14. Useful Aliases](#14-useful-aliases) - [15. Troubleshooting Commands](#15-troubleshooting-commands) - [16. Best Practices](#16-best-practices) - [17. Quick Cheat Sheet](#17-quick-cheat-sheet) ------------------------------------------------------------------------ # 1. Getting Started Open PowerShell from the Start menu by searching **PowerShell**. Run as Administrator when performing system tasks. ## Check PowerShell Version ``` powershell $PSVersionTable ``` ## Command Structure PowerShell commands follow the format: Verb-Noun Examples: ``` powershell Get-Process Get-Service Set-Location New-Item Remove-Item ``` ------------------------------------------------------------------------ # 2. Discovering Commands ### Get help for a command ``` powershell Get-Help Get-Service ``` ### Show examples ``` powershell Get-Help Get-Service -Examples ``` ### Show detailed help ``` powershell Get-Help Get-Service -Detailed ``` ### Update help files ``` powershell Update-Help ``` ### Find commands ``` powershell Get-Command *service* Get-Command *event* ``` ### Inspect objects ``` powershell Get-Service | Get-Member ``` ------------------------------------------------------------------------ # 3. Navigation ### Current location ``` powershell Get-Location ``` ### Change directory ``` powershell Set-Location C:\Temp cd C:\Temp ``` ### Go up a directory ``` powershell cd .. ``` ### Home directory ``` powershell cd ~ ``` ### List files ``` powershell Get-ChildItem ``` Aliases: dir ls ### Show hidden files ``` powershell Get-ChildItem -Force ``` ### Recursive listing ``` powershell Get-ChildItem -Recurse ``` ------------------------------------------------------------------------ # 4. Files and Folders ### Create folder ``` powershell New-Item -Path C:\Temp\TestFolder -ItemType Directory ``` ### Create file ``` powershell New-Item -Path C:\Temp\test.txt -ItemType File ``` ### Copy files ``` powershell Copy-Item C:\Temp\file.txt C:\Backup\ ``` ### Copy folder recursively ``` powershell Copy-Item C:\Temp\Folder C:\Backup\ -Recurse ``` ### Move file ``` powershell Move-Item C:\Temp\file.txt C:\Archive\ ``` ### Rename ``` powershell Rename-Item file.txt newfile.txt ``` ### Delete ``` powershell Remove-Item file.txt ``` ### Delete folder ``` powershell Remove-Item Folder -Recurse -Force ``` ### Read file ``` powershell Get-Content file.txt ``` ### Tail logs ``` powershell Get-Content log.txt -Tail 50 ``` ### Watch logs ``` powershell Get-Content log.txt -Wait ``` ------------------------------------------------------------------------ # 5. Processes ``` powershell Get-Process Get-Process notepad Start-Process notepad Stop-Process -Name notepad Stop-Process -Id 1234 -Force ``` ------------------------------------------------------------------------ # 6. Services ``` powershell Get-Service Get-Service spooler Start-Service spooler Stop-Service spooler Restart-Service spooler ``` ------------------------------------------------------------------------ # 7. System Information ``` powershell Get-ComputerInfo Get-CimInstance Win32_OperatingSystem Get-CimInstance Win32_BIOS Get-CimInstance Win32_ComputerSystem Get-Disk Get-Volume ``` ------------------------------------------------------------------------ # 8. Networking Commands ``` powershell Get-NetIPAddress Get-NetAdapter Get-DnsClientServerAddress Test-Connection google.com Test-NetConnection google.com -Port 443 Resolve-DnsName google.com ``` ------------------------------------------------------------------------ # 9. Event Logs ``` powershell Get-EventLog -List Get-EventLog -LogName System -Newest 20 Get-WinEvent -LogName System -MaxEvents 20 Get-WinEvent -LogName System | Where-Object LevelDisplayName -eq "Error" ``` ------------------------------------------------------------------------ # 10. The PowerShell Pipeline ``` powershell Get-Process | Sort-Object CPU -Descending Get-Service | Where-Object Status -eq Running Get-Process | Select-Object Name, Id, CPU | Export-Csv processes.csv -NoTypeInformation ``` ------------------------------------------------------------------------ # 11. Filtering and Selecting Data ``` powershell Get-Service | Select-Object Name, Status Get-Process | Where-Object CPU -gt 100 Get-Process | Sort-Object CPU -Descending Get-Process | Select-Object -First 10 (Get-Service).Count ``` ------------------------------------------------------------------------ # 12. Script Execution ``` powershell Get-ExecutionPolicy Set-ExecutionPolicy RemoteSigned -Scope CurrentUser .\script.ps1 powershell.exe -ExecutionPolicy Bypass -File script.ps1 ``` ------------------------------------------------------------------------ # 13. Basic Scripting ### Variables ``` powershell $name = "Server01" ``` ### If example ``` powershell if ($name -eq "Server01") { Write-Host "Match found" } ``` ### Loop ``` powershell $services = "spooler","w32time" foreach ($service in $services) { Get-Service $service } ``` ### Function ``` powershell function Get-ServiceStatus { param ($Name) Get-Service $Name } ``` ------------------------------------------------------------------------ # 14. Useful Aliases Alias Command ------- --------------- dir Get-ChildItem ls Get-ChildItem cd Set-Location pwd Get-Location cat Get-Content cp Copy-Item mv Move-Item rm Remove-Item ps Get-Process cls Clear-Host ``` powershell Get-Alias ``` ------------------------------------------------------------------------ # 15. Troubleshooting Commands ``` powershell Get-Service | Where-Object Status -eq Running Get-Service | Where-Object { $_.StartType -eq "Automatic" -and $_.Status -ne "Running" } Get-Volume Get-WinEvent -LogName System -MaxEvents 50 Get-NetTCPConnection -State Listen Test-NetConnection server01 -Port 3389 ``` ------------------------------------------------------------------------ # 16. Best Practices ### Use full command names Prefer: Get-ChildItem Instead of: ls ### Test dangerous commands ``` powershell Remove-Item C:\Temp\OldLogs\* -WhatIf ``` ### Prefer CIM over WMI ``` powershell Get-CimInstance Win32_OperatingSystem ``` ### Log sessions ``` powershell Start-Transcript C:\Temp\powershell.log Stop-Transcript ``` ------------------------------------------------------------------------ # 17. Quick Cheat Sheet ### Navigation ``` powershell Get-Location Set-Location C:\Temp Get-ChildItem ``` ### Files ``` powershell New-Item -ItemType File test.txt Copy-Item test.txt C:\Backup\ Remove-Item test.txt ``` ### Processes ``` powershell Get-Process Stop-Process notepad ``` ### Services ``` powershell Get-Service Restart-Service spooler ``` ### Networking ``` powershell Get-NetIPAddress Test-NetConnection google.com -Port 443 Resolve-DnsName google.com ``` ### Help ``` powershell Get-Help Get-Service Get-Command *network* Get-Member ``` ------------------------------------------------------------------------ # Recommended Learning Path 1. Learn **Get-Help** 2. Understand **pipelines** 3. Learn **Where-Object and Select-Object** 4. Practice **system queries** 5. Start writing **small scripts** 6. Automate real admin tasks PowerShell becomes powerful when commands are combined into automation pipelines.