Joined: Mon Dec 07, 2009 7:09 am
Location: Terra @ Sol System
As it concerns the CLI, I converted the page content to a suitable format (<80 column text, except for URLs); and I'm posting it here in case someone else finds it useful. And if you find some other tools ought to be included, just post them below.
# denotes Headers;
> precedes the command name (and if followed be !int, indicates it's an internal windows command);
An URL below the command points to an external command webpage; if the URL is at the end of the entry, then it's a command information page.
The Command Line Toolkit For Windows
# ADMINISTRATION AND TROUBLESHOOTING PROGRAMS
AccessChk lists the kind of permissions specific users or groups have to
resources including files, directories, Registry keys, global objects and
The AT command schedules commands and programs to run on a computer at a
specified time and date. The Schedule service must be running to use the AT
Coreinfo is a command-line utility that shows you the mapping between
logical processors and the physical processor, NUMA node, and socket on
which they reside, as well as the cache’s assigned to each logical
Displays a list of installed device drivers.
A command-line interface for Windows Defender. To execute this program you
must use the full path: %ProgramFiles%\Windows Defender\MpCmdRun.exe
Various Windows management commands. More information can be found here.
Netsh is a command-line scripting utility that allows you to, either locally
or remotely, display or modify the network configuration of a computer that
is currently running. More information can be found here.
Windows PowerShell is a task-based command-line shell and scripting language
designed especially for system administration. More information can be found
Allows you to list the contents of local or remote computer's Windows Event
PsPasswd is a tool that lets you change an account password on the local or
Allows you to list and configure Windows services.
Run a program as another user.
Execute functions exported in a DLL file.
Manage Windows Services.
Shutdown a local or remote computer.
Verify that images are digitally signed and dumps version information
contained within the file.
A collection of Unix utilities that have been ported to Windows. These
utilities are very useful and include programs like grep, split, tar, dir,
A program that allows command-line and batch file access to Windows
Management Instrumentation. More information can be found here.
A command-line Windows Update installer and management program.
# BOOT AND WINDOWS STARTUP PROGRAMS
The bcdboot.exe command-line tool is used to copy critical boot files to the
system partition and to create a new system BCD store. More information can
be found at:
The Bcdedit.exe command-line tool modifies the boot configuration data
store. The boot configuration data store contains boot configuration
parameters and controls how the operating system is booted. This tool is for
Windows Vista and later. More information can be found at:
More information can be found at:
The bootcfg command is a Microsoft Windows Server 2003 utility that modifies
the Boot.ini file. This command has a function that can scan your computer's
hard disks for Microsoft Windows NT, Microsoft Windows 2000, Microsoft
Windows XP, and Windows Server 2003 installations, and then add them to an
existing Boot.ini file or rebuild a new Boot.ini file if one does not exist.
You can use the bootcfg command to add additional Boot.ini file parameters
to existing or new entries. More information can be found at:
# FILE COMPARISON, SEARCH, AND VIEWING PROGRAMS
Compares the contents of two files or sets of files.
Searches for strings in files. This is a powerful tool, but contains a
limited Regular Expression functionality. If you want a string searching
tool with greater RegExp functionality, you may want to use grep that is
part of the UnixUtils package.
Compares two files or sets of files and displays the differences between
Displays a file one page at a time.
Reads input, sorts data, and writes the results to the screen, to a file, or
to another device. More information about sort can be found at:
Displays the entire file to the screen.
# FILE PERMISSION AND MANAGEMENT PROGRAMS
Full featured archive program that can work with almost any archive type.
When adding this to your command-line folder, be sure to copy both 7z.exe &
7z.dll for it to work properly.
Displays, sets, or removes the read-only, archive, system, and hidden
attributes assigned to files or directories. Used without parameters, attrib
displays attributes of all files in the current directory. More information
can be found at:
Changes the current working directory.
Copy a file to another name or to a different folder.
List the files in a folder.
>File Checksum Integrity Verifier
The File Checksum Integrity Verifier (FCIV) utility can generate MD5 or
SHA-1 hash values for files to compare the values against a known good
value. FCIV can compare hash values to make sure that the files have not
Selects a file (or set of files) and executes a command on that file.
Handle is a utility that displays information about open handles for any
process in the system. You can use it to see the programs that have a file
open, or to see the object types and names of all the handles of a program.
Displays or modifies discretionary access control lists (DACLs) on specified
files, and applies stored DACLs to files in specified directories. More
information about icacls can be found here.
Allows you to create, list, or delete Junctions in Windows.
LADS will display a list of all alternate data streams found in a particular
Lists the md5 has for a particular file or numerous files in a folder.
Move a file or folder to another location.
Rename a file or folder.
You can use SDelete both to securely delete existing files, as well as to
securely erase any file data that exists in the unallocated portions of a
disk (including files that you have already deleted or encrypted). SDelete
implements the Department of Defense clearing and sanitizing standard DOD
5220.22-M, to give you confidence that once deleted with SDelete, your file
data is gone forever.
Scans the integrity of all protected system files and replaces incorrect
versions with correct Microsoft versions.
Displays strings found within a file.
Copies files and directories, including subdirectories.
# FILESYSTEM MANAGEMENT PROGRAMS
Checks a disk and displays a status report.
Locates and consolidates fragmented files on local volumes to improve system
Diskpart allows you to manage and modify disk partitions. More information
about diskpart can be found at:
Repairs the master boot record of the boot disk. The fixmbr command is only
available when you are using the Recovery Console.
Recovers readable information from a bad or defective disk.
This tool allows an administrator to recover access to a file that was
denied by re-assigning file ownership.
# NETWORK DIAGNOSTICS & ADMINISTRATION PROGRAMS
Displays and modifies the IP-to-Physical address translation tables used by
address resolution protocol (ARP). Useful for finding mac addresses of other
networked devices on your network.
cURL is a command line tool for downloading web pages, entire sites, ftp
Displays all current TCP/IP network configuration values and refreshes
Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS)
settings. Used without parameters, ipconfig displays the IP address, subnet
mask, and default gateway for all adapters. More information can be found at:
Netcat is a featured networking utility which reads and writes data across
network connections, using the TCP/IP protocol. This is a very useful tool
for diagnosing network connections, open firewall ports, or for sending the
output of a local command to a remote computer.
Displays protocol statistics and current TCP/IP network connections.
Nmap ("Network Mapper") is a utility for network discovery and security
auditing. This program can quickly perform a TCP/IP audit of your network.
Nslookup allows you to perform DNS (Domain Name Service) resolution.
The PathPing tool is a route tracing tool that combines features of Ping and
Tracert with additional information that neither of those tools provides.
PathPing sends packets to each router on the way to a final destination over
a period of time, and then computes results based on the packets returned
from each hop. Since PathPing shows the degree of packet loss at any given
router or link, you can pinpoint which routers or links might be causing
network problems. More information can be found at:
Ping is a computer network administration utility used to test if you can
reach a host on an Internet Protocol (IP) network and to measure the
round-trip time for messages sent from the originating host to a destination
PsFile is a command-line utility that shows a list of files on a system that
are opened remotely, and it also allows you to close opened files either by
name or by a file identifier.
PsExec is a program that lets you execute processes on other systems,
complete with full interactive use for console applications, without having
to manually install client software. Please note that some anti-virus
vendors may detect this as "Remote Admin", but it is a legitimate tool from
PsLoggedOn is an program that displays both the locally logged on users and
users logged on via resources for either the local computer, or a remote
one. If you specify a user name instead of a computer, PsLoggedOn searches
the computers in the network neighborhood and tells you if the user is
currently logged on.
Displays and modifies the entries in the local IP routing table. Used
without parameters, route displays help. More information can be found at:
Displays the path taken from TCP/IP packets as they traverse from your local
computer to a remote target. More information can be found at:
GNU Wget is a program for retrieving files using HTTP, HTTPS and FTP, the
most widely-used Internet protocols.
# PROCESS MANAGEMENT PROGRAMS
ListDLLs is a utility that reports the DLLs loaded into processes. You can
use it to list all DLLs loaded into all processes, into a specific process,
or to list the processes that have a particular DLL loaded.
Allows you to terminate processes.
Lists all running processes.
Lists all running running processes and services. This program can also be
used to list what services are running under a particular svchost process.
For more information regarding how to do that, see:
This tool is used to terminate tasks by process id (PID) or image name.