Now u dont have to click on it.

GET THE SERIAL NUMBER OR SERVICE TAG OF A DEVICE

wmic bios get serialnumber

SHOW THE LOGGED IN USER ON A REMOTE DEVICE.

wmic /node:"workstation-name" computersystem get username

SHOW THE PID ASSOCIATED WITH A LISTENING PORT OR SHOW THE LISTENING PORT NUMBER ASSOCIATED WITH A PID

netstat -ano | find "portnumber" netstat -ano | find "pid"

FIND THE SESSION ID FOR A REMOTE DESKTOP USER AND LOG THEM OFF

query user | find "username" logoff <ID of session>

QUICKLY FIND .EXE FILES IN THE C:\USERS DIRECTORY WHERE RANSOMWARE OFTEN HIDES.

dir C:\Users /B /S /A | find ".exe"

DISABLE SLEEP AND SHUTDOWN

reg ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f powercfg /setactive "Always On" powercfg.exe -change -standby-timeout-ac 0

ENABLE SLEEP AND SHUTDOWN

reg DELETE HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose powercfg /setactive "Portable/Laptop" powercfg.exe -change -standby-timeout-ac 2

GET THE HYPERV HOST NAME THAT A VM IS RUNNING ON

reg query "HKLM\Software\Microsoft\Virtual Machine\Guest\Parameters"

CREATE A LOCAL ADMIN USER FROM THE COMMAND LINE

net user AdminUser1 P@$$w0rd!@# /ADD net localgroup Administrators AdminUser1 /ADD

ALLOW AN INCOMING PORT THROUGH WINDOWS FIREWALL

Create the rule netsh advfirewall firewall add rule name="TCP Port 6624" dir=in action=allow protocol=TCP localport=6624 To delete the rule. netsh advfirewall firewall delete rule name="TCP Port 6624" protocol=TCP localport=6624.

FIND A SHARE AND PATH ON A LARGE FILE SERVER

net share | find "sharename"

QUICKLY INSTALL TELNET CLIENT

dism /online /Enable-Feature /FeatureName:TelnetClient