Applications & Services

The applications and services of a Windows system can be listed through the command prompt. Some of the characteristics of the progams can also be modified through the command prompt.

OS Architecture
wmic OS get OSArchitecture
List Applications and their properties
#Command Prompt
Wmic product get name, version, vendor
wmic qfe get Caption, Description, HotFixID, InstalledOn
#Powershell
#32 Bit
Get-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" | select displayname
#64 Bit
Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" | select displayname
List Running Applications
Get-Process
#Powershell - Can be run using RDP only
Get-CimInstance -ClassName win32_service | Select Name,State,PathName | Where-Object {$_.State -like 'Running'}
List Installed Drivers
Driveryquery /v
List loaded Drivers

https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/driverquery

driverquery.exe /v /fo csv | ConvertFrom-CSV | Select-Object ‘Display Name’, ‘Start Mode’, Path
List versions of Drivers
List Scheduled Tasks
Procmon.exe - Filesystem, Registry and Process/thread activity

https://learn.microsoft.com/en-us/sysinternals/downloads/procmon

Icacls.exe - Lists/Modifies Discretionary ACLs of files

https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/icacls

Check Startup Type of Apps
List Firewall Rules
Enable RDP through Registry Entry

This is a very important command as this can be used to enable RDP on a system once you have privileged access to a terminal,

List Services

The following command can be used to list the services installed on the computer,

Start/Stop a Service

The windows SC command can be used to start or stop a service that is installed,

Restart Service

The following command can be used to restart a windows service through Powershell,

PreviousSystem DetailsNextFiles & Filesystems

Last updated

Was this helpful?