Skip to content

Basic PowerShell tricks and notes

Jump to bottom
HotCakeX edited this page May 19, 2023 · 9 revisions

Basic PowerShell tricks and notes

This page is designed for beginners and newcomers to PowerShell who want to learn the essential basics and the most frequently used syntaxes elements and tricks fast. It should help you jump start your journey as a PowerShell user.

The main source for learning PowerShell is Microsoft Learn website. There are extensive and complete guides about each command/cmdlet with examples.

PowerShell core at Microsoft Learn


Pipeline variable

$_ is the variable for the current value in the pipeline.

Examples


Filtering with Where-Object

? which is an alias for Where-Object, is used to filter all the data given to it.

Where-Object

Example

Get-PSDrive | ?{$_.free -gt 1}

Show the properties of an object selectively

Select or Select-Object show the properties that we want to see from an object

If we use * then all of the properties will be shown and from there we can choose which properties to add.

Example:

Get-PSDrive | ?{$_.free -gt 1} | select * 

Get-PSDrive | ?{$_.free -gt 1} | select root, used, free

Looping using ForEach-Object

ForEach-Object { }

The ForEach-Object cmdlet performs an operation on each item in a collection of input objects. The input objects can be piped to the cmdlet or specified using the InputObject parameter.

i.e. For every item in the pipe, run this line.

Examples:

Get-PSDrive | ?{$_.free -gt 1} | select root, used, free | ForEach-Object{"zebra"} 
Get-PSDrive | ?{$_.free -gt 1} | select root, used, free | ForEach-Object{ Write-Host "Free Space for " $_.Root "is" ($_.free/1gb )}

The parenthesis, ($_.free/1gb ) must be there if we want to modify one of the output strings.


To get online help about any Cmdlet

Opens the webpage for the specified command

Get-help cmdlet –online

Example:

Get-Help ForEach-Object –online

Get-Help dir –online

Shows the full help on the PowerShell console

Get-help get-service -full

Opens a new window showing the full help content and offers other options such as Find

Get-help get-service -ShowWindow


To Query Windows services

This gets any Windows service that has the word "Xbox" in it.

Get-service "*xbox*"

This gets any Windows service that has the word "x" in it.

Get-service "*x*"

Putting * around the word or letter finds anything that contains it.

Get-service "*x*" | sort-object status

Example syntax:

Get-Service [[-Name] <System.String[]>] [-ComputerName <System.String[]>] [-DependentServices] [-Exclude <System.String[]>] [-Include <System.String[]>] [-RequiredServices] [<CommonParameters>]

In this part

Get-Service [[-Name] <System.String[]>]

The -Name Parameter accepts <System.String[]>, which is a StringList, and when [] is included, that means there can be multiple inputs/strings, separated by comma ,.

So [[-Name] <System.String[]>] can be used like this:

Get-Service -Name WinRM,BITS,*Xbox*

Also in another similar example syntax:

Get-Service [-ComputerName <System.String[]>] [-DependentServices] -DisplayName <System.String[]> [-Exclude <System.String[]>] [-Include <System.String[]>] [-RequiredServices] [<CommonParameters>]

Everything is inside a bracket except for -DisplayName, that means it is mandatory. If a parameter is inside a bracket, that means it is optional.


How to suppress errors in PowerShell

-ErrorAction SilentlyContinue

Everything you wanted to know about exceptions

Try/Catch will only 'trigger' on a terminating exception. Most cmdlets in PowerShell, by default, won't throw terminating exceptions. You can set the error action with the -ErrorAction or -ea parameters:

Do-Thing 'Stuff' -ErrorAction Stop

Careful when using -ErrorAction Stop, If using it in loops like with ForEach-Object, then it will stop the entire loop after the first encounter of error.

Handling Errors the PowerShell Way

Tip: If you set

$ErrorActionPreference = 'Stop'

In your PowerShell code, either locally or globally for the entire script, Write-Error will cause the script to stop because it will be like throwing an error.


Get file signature of all the files in a folder

This will check all of the files in the current directory and show an error for folders, you can add -ErrorAction SilentlyContinue to the Get-AuthenticodeSignature cmdlet to ignore the errors.

Get-ChildItem | ForEach-Object -Parallel {Get-AuthenticodeSignature $_.Name}

This will recursively check only the files in the current directory and sub-directories, no folder is piped.

Get-ChildItem -Recurse -File | ForEach-Object -Parallel {Get-AuthenticodeSignature $_.Name}

Write output to a file or string

> output.txt

Example:

ipconfig /all > mynetworksettings.txt

about_Redirection


How to add delay/pause to the execution of Powershell script

To sleep a PowerShell script for 5 seconds, you can run the following command

Start-Sleep -Seconds 5

You can also use the -milliseconds parameter to specify how long the resource sleeps in milliseconds.

Start-Sleep -Milliseconds 25

Start-Sleep


How to stop/kill a a process or (.exe) executable in Powershell

Using native PowerShell cmdlet

Stop-Process -Name "Photoshop"

Stop-Process

Using taskkill.exe

taskkill /IM "photoshop app.exe" /F

taskkill


Automatically answer “yes” to a prompt in Powershell

Use –force at the end of the command


Displays all information in the current access token

The command below displays all information in the current access token, including the current user name, security identifiers (SID), privileges, and groups that the current user belongs to.

whoami /all

whoami


Display all the TCP and UDP ports on which the computer is listening

netstat -a

netstat


Copy the result of a command to clipboard automatically

Add | clip at the end the command

Example:

Get-TimeZone | clip

Example:

rg -i -F URL: | clip

How to scan 2 text files for differences and pipe the difference to a third File

$File1 = "C:\Scripts\Txt1.txt" 
$File2 = "C:\Scripts\Txt2.txt" 
$Location = "C:\Scripts\Txt3.txt" 

Compare-Object (get-content $File1) (get-content $File2) | format-list | Out-File $Location

Compare-Object


Difference between Strings and StringLists

This is Stringlist in PowerShell:

[String[]]

And this is a string

[String]

When we define Stringlist in a parameter, then the argument will keep asking for multiple values instead of 1, if we want to stop adding arguments for the parameter, we have to enter twice.


How to run a PowerShell (.ps1) script ?

  • Method 1:
&"Path\To\PS\Script.ps1"

Using the & Call operator

  • Method 2:
Set-Location 'Path\To\Folder\OfThe\Script'
.\Script.ps1
  • Method 3
pwsh.exe -File 'Path\To\Folder\OfThe\Script.ps1'

This example uses PowerShell Core


Enclosing strings that have a lot of single and double quotation marks

$string =@" 

Some string text 

"@

$string

the markers @" and "@ indicating the beginning and end of the string must be on separate lines.


How to find the type of the output of a command in PowerShell?

Using GetType()

Examples:

(Get-BitlockerVolume -MountPoint "C:").KeyProtector.keyprotectortype.GetType() 
(get-nettCPConnection).GetType()

Make sure to use Pascal Case for variable names

Pascal Case requires variables made from compound words and have the first letter of each appended word written with an uppercase letter.

Example: $Get-CurrentTime


Some popular resources and cmdlets

jumping star Back to AppControl Manager's Home jumping star Back to Wiki's home jumping star Back to main Readme jumping star

AppControl Manager icon AppControl Manager New Label


Harden Windows Security Module


App Control for Business


Miscellaneous


Azure


PowerShell


Microsoft Cloud


C#


Clone this wiki locally