Running commands in a specific user context in PowerShell

If you find yourself in a limited cmd shell but have obtained credentials for another user, you can leverage PowerShell’s Invoke-Command cmdlet to execute a script block in the security context of that specific user. This can be helpful in a penetration test setting or CTF. One thing to be aware of is that you cannot just pass a user and password string to the -Credential parameter of Invoke-Command, but need to create a valid PSCredential object first. ...

December 8, 2019

HTTP requests with PowerShell's Invoke-WebRequest – by Example

If you ever find yourself on a Windows system needing to make an HTTP request, the Invoke-WebRequest cmdlet will be your friend. Let’s have a look at how to send various things with iwr (legit alias!) and how to get around common issues. We will be focussing on (manually) sending/requesting data, not so much on reading/parsing it. In case it’s the first time you’re using Invoke-WebRequest or doing stuff with PowerShell in general, I recommend reading this post sequentially from top to bottom. ...

April 12, 2019