# Enumerate
CommandDescription
Get-PSSessionConfigurationLists all registered PowerShell session configurations.
winrm get winrm/configDisplays the current WinRM configuration.
winrm get winrm/config/ServiceDisplays the security configuration for the WinRM service.
winrm get winrm/config/ClientDisplays the WinRM client configuration.
Get-WSManInstance winrm/config -EnumerateRetrieves the current WinRM configuration.
Get-WSManCredSSPDisplays the Credential Security Support Provider (CredSSP) configuration for WinRM, which affects remote authentication.
Get-PSSessionConfiguration | fl *Lists detailed information about all PowerShell session configurations
Get-Item -Path WSMan:\localhost\Client\TrustedHostsLists the hosts trusted by the WinRM client, impacting remote command execution security.
Get-Item -Path WSMan:\localhost\Service\AuthShows the authentication methods supported by the WinRM service, indicating security protocols in use.
Get-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)"Lists firewall rules for WinRM HTTP traffic, impacting network security for remote management.
Get-NetFirewallRule -DisplayName "Remote Desktop - User Mode (TCP-In)"Lists firewall rules for inbound Remote Desktop Protocol (RDP) connections, affecting RDP security.
Retrieves Remote Desktop Protocol (RDP) security settings using WMI: {% code overflow="wrap" %} ```powershell Get-WmiObject -Namespace root\cimv2 -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-tcp'" ``` {% endcode %} Retrieves registry settings indicating if unencrypted traffic is allowed for WinRM, affecting security: {% code overflow="wrap" %} ```powershell Get-ItemProperty HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service -Name AllowUnencryptedTraffic ``` {% endcode %} Queries current network profiles: {% code overflow="wrap" %} ```powershell Get-ChildItem 'HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\NetworkList\\Profiles' ``` {% endcode %}