🦹Powerview

To work with Powerview, it is needed to import it using powershell.

Import-Module .\Powerview.ps1

Information about the domain

Get-NetDomain

Users

To get a list of all users on the domain.

Get-NetUser | select cn

Groups

To get a list of all groups on the domain.

Get-NetGroup | select cn

To get members of a group.

Get-NetGroup $GROUP$ | select member

OS

To get information about the device.

Administrative privileges

To find if the current user has administrative privileges on any computers on the domain.

Logged on users

To know who is logged on a computer.

Service Principal Names

To list SPN on the domain.

Object Permissions

Permissions definitions

Permissions

Basics

ObjectSID is the user affected by the permission.

ActiveDirectoryRights is the permission.

SecurityIndentifier is the user that can use the permission.

To sum up: SecurityIndentifier can ActiveDirectoryRights ObjectSID. (For example: Alice can read Bob)

SID values

SID values can be converted to be readable.

Multiple SIDs can be converted in a row.

Specific permissions

To show only objects with GenericAll permissions.

Domains Shares

To list all domain shares.

To list only shares available to the current user.

PreviousWindows legacy toolsNextSharpHound/BloodHound

Last updated