This is an old revision of the document!
Microsoft Windows
Commandes réseau
| 𝗶𝗽𝗰𝗼𝗻𝗳𝗶𝗴 | Show network configuration |
| 𝗶𝗽𝗰𝗼𝗻𝗳𝗶𝗴 /𝗮𝗹𝗹 | Detailed IP/DNS info for incident validation |
| 𝗶𝗽𝗰𝗼𝗻𝗳𝗶𝗴 /𝗿𝗲𝗹𝗲𝗮𝘀𝗲 | Release IP to cut rogue connections |
| 𝗶𝗽𝗰𝗼𝗻𝗳𝗶𝗴 /𝗿𝗲𝗻𝗲𝘄 | Renew IP after network reset |
| 𝗶𝗽𝗰𝗼𝗻𝗳𝗶𝗴 /𝗳𝗹𝘂𝘀𝗵𝗱𝗻𝘀 | Clear DNS cache (stop DNS poisoning) |
| 𝗽𝗶𝗻𝗴 [𝗜𝗣] | Test host reachability (detect filtering/DoS) |
| 𝘁𝗿𝗮𝗰𝗲𝗿𝘁 [𝗜𝗣] | Trace suspicious traffic path |
| 𝗻𝘀𝗹𝗼𝗼𝗸𝘂𝗽 [𝗱𝗼𝗺𝗮𝗶𝗻] | Investigate phishing/malware domains |
| 𝗻𝗲𝘁𝘀𝘁𝗮𝘁 -𝗮𝗻 | Spot unusual open ports & connections |
| 𝗻𝗲𝘁𝘀𝘁𝗮𝘁 -𝗯 | See which process is making network connections |
| 𝗮𝗿𝗽 -𝗮 | Detect ARP spoofing/poisoning attempts |
| 𝗵𝗼𝘀𝘁𝗻𝗮𝗺𝗲 | Verify compromised system identity |
| 𝗴𝗲𝘁𝗺𝗮𝗰 | Validate legitimate MAC addresses |
| 𝗻𝗲𝘁 𝘂𝘀𝗲 | Check unauthorized shared drive access |
| 𝗻𝗲𝘁 𝘀𝗵𝗮𝗿𝗲 | List shared resources for data exfil risks |
| 𝗻𝗲𝘁 𝘀𝘁𝗮𝗿𝘁 | Spot suspicious or unauthorized services |
| 𝗻𝗲𝘁 𝘀𝘁𝗼𝗽 | Kill malicious services |
| 𝘁𝗮𝘀𝗸𝗹𝗶𝘀𝘁 | See running processes (correlate with netstat) |
| 𝗿𝗼𝘂𝘁𝗲 𝗽𝗿𝗶𝗻𝘁 | Inspect routing table for anomalies |
| 𝗻𝗲𝘁𝘀𝗵 𝗮𝗱𝘃𝗳𝗶𝗿𝗲𝘄𝗮𝗹𝗹 𝗳𝗶𝗿𝗲𝘄𝗮𝗹𝗹 𝘀𝗵𝗼𝘄 𝗿𝘂𝗹𝗲 𝗻𝗮𝗺𝗲=𝗮𝗹𝗹 | Review firewall rules for |