Chapter 3

Windows Command Line Interface

Abstract

This chapter takes a brief look at the power of the Windows Command Line Interface (CLI), which can be leveraged during forensic and incident response investigations. The Windows CLI provides investigators with a plethora of options and capabilities when performing live investigations. This chapter examines a selection of these commands, demonstrates their use, and discusses the benefits and limitations of the Windows CLI.

Keywords

Command Line Interface (CLI); Command line; Breach; Malware; Insider; Leakage; PDD-21; Critical infrastructure; dir; cd; Administrator; User; Echo; Time; Time zone; systeminfo; find; findstr; PowerShell; Help; wmic; sort; Physical; Logical; diskpart; ipconfig; netsh; ...
