PowerShell Commands

PowerShell cmdlets and scripting reference.

File & Directory Operations

Get-ChildItem -Path C:\

List files and directories (ls)

Get-ChildItem -Recurse

List files recursively

Copy-Item -Path file.txt -Destination dest

Copy file

Move-Item -Path file.txt -Destination dest

Move file

Remove-Item -Path file.txt

Delete file

New-Item -Path file.txt -ItemType File

Create new file

New-Item -Path C:\dir -ItemType Directory

Create new directory

Test-Path -Path file.txt

Check if path exists

Get-Content -Path file.txt

Read file contents (cat)

Set-Content -Path file.txt -Value "text"

Write to file

Process Management

Get-Process

List all running processes (ps)

Get-Process -Name notepad

Get specific process by name

Stop-Process -Name notepad

Stop process by name

Stop-Process -Id 1234

Stop process by ID

Start-Process notepad.exe

Start a new process

Get-Process | Sort-Object CPU -Descending

List processes by CPU usage

Get-Process | Where-Object {$_.CPU -gt 100}

Filter processes by CPU

Services

Get-Service

List all services

Get-Service -Name wuauserv

Get specific service

Start-Service -Name wuauserv

Start a service

Stop-Service -Name wuauserv

Stop a service

Restart-Service -Name wuauserv

Restart a service

Set-Service -Name wuauserv -StartupType Automatic

Set service startup type

Get-Service | Where-Object {$_.Status -eq "Running"}

List running services

Network Commands

Test-Connection -ComputerName google.com

Ping a host

Test-NetConnection -ComputerName google.com -Port 443

Test TCP connection

Get-NetIPAddress

Show IP addresses

Get-NetIPConfiguration

Show network configuration (ipconfig)

Get-DnsClientCache

Display DNS cache

Clear-DnsClientCache

Clear DNS cache (ipconfig /flushdns)

Resolve-DnsName google.com

DNS lookup (nslookup)

Get-NetTCPConnection

Show TCP connections (netstat)

System Information

Get-ComputerInfo

Get detailed computer information

$PSVersionTable

Show PowerShell version

Get-Host

Get host information

Get-WmiObject Win32_OperatingSystem

Get OS information

Get-WmiObject Win32_ComputerSystem

Get computer system info

Get-WmiObject Win32_BIOS

Get BIOS information

Get-Hotfix

List installed Windows updates

Get-EventLog -LogName System -Newest 10

Get recent system events

User & Security

Get-LocalUser

List local user accounts

Get-LocalGroup

List local groups

New-LocalUser -Name "username"

Create new local user

Add-LocalGroupMember -Group "Administrators" -Member "user"

Add user to group

Get-ExecutionPolicy

Get current execution policy

Set-ExecutionPolicy RemoteSigned

Set execution policy

Get-Acl -Path C:\file.txt

Get file permissions

whoami /user

Show current user SID

Variables & Objects

$variable = "value"

Assign variable

Get-Variable

List all variables

$env:PATH

Access environment variable

[Environment]::SetEnvironmentVariable("VAR", "value", "User")

Set environment variable

Get-Member

Show object properties and methods

Get-Process | Get-Member

Show process object members

Measure-Object

Calculate numeric properties

Select-Object -Property Name, CPU

Select specific properties

Pipeline & Filtering

Get-Process | Where-Object {$_.CPU -gt 50}

Filter objects (where)

Get-Service | Sort-Object Status

Sort objects

Get-Process | Select-Object -First 5

Select first N objects

Get-ChildItem | Measure-Object -Property Length -Sum

Sum file sizes

Get-Process | Export-Csv processes.csv

Export to CSV

Import-Csv data.csv

Import from CSV

Get-Content file.txt | Select-String "pattern"

Search text (grep)

Get-Process | Out-GridView

Display in GUI grid view

Remote Management

Enter-PSSession -ComputerName server01

Start interactive remote session

Invoke-Command -ComputerName server01 -ScriptBlock {Get-Process}

Run command on remote computer

New-PSSession -ComputerName server01

Create persistent remote session

Get-PSSession

List active remote sessions

Remove-PSSession -Id 1

Close remote session

Enable-PSRemoting

Enable PowerShell remoting

Test-WSMan -ComputerName server01

Test WinRM connectivity

Registry & Configuration

Get-ItemProperty -Path "HKLM:\Software"

Read registry key

Set-ItemProperty -Path "HKLM:\Software" -Name "Key" -Value "Value"

Set registry value

New-Item -Path "HKLM:\Software\NewKey"

Create registry key

Remove-Item -Path "HKLM:\Software\Key"

Delete registry key

Get-PSDrive

List PowerShell drives (including registry)

PowerShell 5 to 7 Breaking Changes

# PowerShell 7 uses .NET Core (cross-platform)

Major change: PowerShell 7 runs on .NET Core, not .NET Framework

Get-Error

NEW in PS 7: Enhanced error reporting (replaces $Error[0] | Format-List * -Force)

Get-Help -Name * -ShowWindow

REMOVED in PS 7: -ShowWindow parameter no longer available

Add-Type -AssemblyName System.Windows.Forms

CHANGED: Some .NET Framework assemblies not available in .NET Core

Get-Command -ParameterName *Credential*

IMPROVED: Better parameter searching in PS 7

Select-String -Pattern "test" -UseCultureInvariant

NEW in PS 7: Culture invariant matching

Invoke-RestMethod -SkipCertificateCheck

NEW in PS 7: Skip SSL certificate validation

ConvertTo-Json -Compress -Depth 100

CHANGED: Default depth changed from 2 to 100 in PS 7

Get-Process | Sort-Object -Property CPU

CHANGED: Some WMI-based properties not available in PS 7

New-Object -ComObject Excel.Application

REMOVED in PS 7 on Linux/macOS: COM objects only on Windows

Get-WmiObject -Class Win32_Process

DEPRECATED: Use Get-CimInstance instead (works in PS 7)

Get-CimInstance -ClassName Win32_Process

REPLACEMENT: Use CIM cmdlets instead of WMI (PS 7 compatible)

Invoke-CimMethod -ClassName Win32_Process -MethodName Create

REPLACEMENT: Use CIM instead of Invoke-WmiMethod

Register-CimIndication -Query "SELECT * FROM __InstanceModificationEvent"

REPLACEMENT: Use CIM instead of Register-WmiEvent

Get-EventLog -LogName System

LIMITED in PS 7: Only works on Windows, not cross-platform

Get-WinEvent -FilterHashtable @{LogName="System"}

PREFERRED: Use Get-WinEvent instead of Get-EventLog

Start-Transcript -Path transcript.txt

CHANGED: Transcript output format improved in PS 7

Set-PSReadLineOption -PredictionSource History

NEW in PS 7: Command line prediction (like bash zsh)

Get-Date -AsUTC

NEW in PS 7: Convert to UTC timezone

Get-TimeZone -ListAvailable

IMPROVED: Better timezone support in PS 7

Test-Connection -Count 4 google.com

CHANGED: Default count changed from 4 to 1 in PS 7

Invoke-WebRequest -UseBasicParsing

REMOVED in PS 7: -UseBasicParsing no longer needed/available

Format-Table -AutoSize -Wrap

IMPROVED: Better table formatting in PS 7

Out-Host -Paging

CHANGED: Paging behavior improved in PS 7

powershell.exe -Command "script.ps1"

CHANGED: Use "pwsh" for PowerShell 7, "powershell" for PS 5

pwsh -Command "script.ps1"

NEW: PowerShell 7 executable name (cross-platform)

# $PROFILE paths differ

CHANGED: PS 7 profile at $PROFILE.CurrentUserCurrentHost differs from PS 5

Get-Module -ListAvailable

CHANGED: PS 7 modules in different path than PS 5 modules

Install-Module -Name ModuleName -Scope CurrentUser

RECOMMENDED: Use -Scope CurrentUser for PS 7 modules

Import-Module -Name WindowsCompatibility

NEW: Windows Compatibility module for running Windows-only modules

Invoke-Command -WinRS

NEW in PS 7: Alternative remoting protocol

Get-ComputerInfo -Property "WindowsProductName"

IMPROVED: More properties available in PS 7

[System.Runtime.InteropServices.RuntimeInformation]::OSDescription

NEW: Get OS info in cross-platform way (PS 7)

Get-Process | Where-Object {$_.Company -like "*Microsoft*"}

CHANGED: Some process properties differ in PS 7

dotnet tool install --global PowerShell

NEW: Install PS 7 via .NET CLI

© 2026 CHAI WEN TAH
Last build: Mar 31, 2026