Creating a Security-Focused PowerShell and CMD Console for Windows#

Transform your Windows command line experience with personalized, security-focused configurations for both PowerShell and CMD. This guide provides complete customization solutions that work even in restricted environments like Windows 10 IoT.

Overview#

Whether you’re conducting security audits, managing systems, or performing daily administrative tasks, having a properly configured command line environment significantly improves productivity. This guide covers:

Custom PowerShell profiles with security utilities
Enhanced CMD configurations with auto-launch
Security-focused aliases and functions
Professional visual themes
Compatibility with restricted environments

PowerShell Security Console#

Creating Your Personalized Profile#

Let’s build a comprehensive PowerShell profile tailored for security operations:

1
# Create a personalized profile for Anubhav
2
@'
3
# Anubhav's Security PowerShell Profile
4
# ====================================
5

6
# Set colors - dark security-focused theme
7
$Host.UI.RawUI.BackgroundColor = "Black"
8
$Host.UI.RawUI.ForegroundColor = "White"
9
$Host.PrivateData.ErrorForegroundColor = "Red"
10
$Host.PrivateData.WarningForegroundColor = "Yellow"
11
$Host.PrivateData.DebugForegroundColor = "Cyan"
12
$Host.PrivateData.VerboseForegroundColor = "Green"
13

14
# Personalized security-focused prompt
15
function prompt {
16
    # Get last command status
17
    $lastCommand = $?
18
    $statusIndicator = if ($lastCommand) { "+" } else { "!" }
19
    $statusColor = if ($lastCommand) { "Green" } else { "Red" }
20

21
    # Admin check
22
    $admin = [bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).groups -match "S-1-5-32-544")
23
    $adminTag = if ($admin) { "[ADMIN] " } else { "" }
24

25
    # Current path
26
    $path = $pwd.Path.Replace($HOME, "~")
27

28
    # Current time for audit logging
29
    $time = Get-Date -Format "HH:mm:ss"
30

31
    # Update window title with path info
32
    $Host.UI.RawUI.WindowTitle = "Anubhav - $path $adminTag"
33

34
    # Multi-line prompt for better readability
35
    Write-Host ""
36
    Write-Host "[$time] " -NoNewline -ForegroundColor Cyan
37
    Write-Host $adminTag -NoNewline -ForegroundColor Yellow
38
    Write-Host "$path" -ForegroundColor Blue
39
    Write-Host "[$statusIndicator]" -NoNewline -ForegroundColor $statusColor
40
    return " > "
41
}
42

43
# Useful security aliases
44
Set-Alias ping Test-Connection
45
Set-Alias which Get-Command
46

47
# Security utility functions
48
function Test-Port {
49
    param($Computer, $Port)
50
    $conn = New-Object System.Net.Sockets.TcpClient
51
    try {
52
        $conn.Connect($Computer, $Port)
53
        Write-Host "Port $Port is OPEN on $Computer" -ForegroundColor Green
54
        return $true
55
    } catch {
56
        Write-Host "Port $Port is CLOSED on $Computer" -ForegroundColor Red
57
        return $false
58
    } finally {
59
        $conn.Dispose()
60
    }
61
}
62

63
function Get-SystemInfo {
64
    $os = Get-CimInstance Win32_OperatingSystem
65
    $cs = Get-CimInstance Win32_ComputerSystem
66

67
    Write-Host "OS: $($os.Caption) $($os.Version)" -ForegroundColor Green
68
    Write-Host "Boot Time: $($os.LastBootUpTime)" -ForegroundColor Green
69
    Write-Host "Uptime: $([math]::Round(($os.LocalDateTime - $os.LastBootUpTime).TotalHours, 2)) hours" -ForegroundColor Green
70
    Write-Host "Memory: $([math]::Round($cs.TotalPhysicalMemory / 1GB, 2)) GB" -ForegroundColor Green
71
}
72

73
# Welcome banner
74
Clear-Host
75
Write-Host "+-------------------------------------------+" -ForegroundColor Blue
76
Write-Host "|       ANUBHAV'S SECURITY CONSOLE          |" -ForegroundColor Blue
77
Write-Host "+-------------------------------------------+" -ForegroundColor Blue
78
Write-Host "* System : $([System.Environment]::OSVersion.VersionString)" -ForegroundColor Gray
79
Write-Host "* User   : $([System.Security.Principal.WindowsIdentity]::GetCurrent().Name)" -ForegroundColor Gray
80
Write-Host "* PS Ver : $($PSVersionTable.PSVersion)" -ForegroundColor Gray
81
Write-Host ""
82
Write-Host "[*] Type 'Get-SystemInfo' for system details" -ForegroundColor Yellow
83
Write-Host "[*] Type 'Test-Port computer port' to check connectivity" -ForegroundColor Yellow
84
Write-Host ""
85
'@ | Set-Content -Path $PROFILE -Encoding ASCII
86

87
# Inform the user how to load the profile
88
Write-Host "Anubhav's profile created. To load it, run:" -ForegroundColor Green
89
Write-Host 'powershell -ExecutionPolicy Bypass -NoExit -Command ". $PROFILE"' -ForegroundColor Yellow

Key Features of the PowerShell Profile#

Enhanced Security Prompt:
- Shows current time for audit trails
- Displays admin status clearly
- Indicates last command success/failure
- Updates window title with context
Security Utility Functions:
- Test-Port: Quick port scanning capability
- Get-SystemInfo: System security auditing
- Custom aliases for common tasks
Professional Appearance:
- Dark theme optimized for long sessions
- Color-coded output for different message types
- Clean, organized welcome banner
Compatibility:
- Works in restricted environments
- Minimal dependencies
- Lightweight resource usage

Activating Your PowerShell Profile#

To use this profile, run:

1
powershell -ExecutionPolicy Bypass -NoExit -Command ". $PROFILE"

CMD Security Console with Auto-Launch#

For environments where PowerShell is restricted or when you prefer CMD, here’s a comprehensive solution:

Step 1: Create the Batch File#

Create a file named AnubhavCMD.bat with the following content:

1
@echo off
2
:: Anubhav's Security-Focused CMD Setup
3
title Anubhav's Security Console
4
color 0B
5

6
:: Clear screen with custom banner
7
cls
8
echo.
9
echo  +------------------------------------------+
10
echo  ^|      ANUBHAV'S SECURITY COMMAND LINE     ^|
11
echo  +------------------------------------------+
12
echo.
13
echo  * System: %OS%
14
echo  * User  : %USERNAME%
15
echo  * Date  : %DATE%
16
echo.
17

18
:: Custom prompt with admin check
19
net session >nul 2>&1
20
if %errorlevel% == 0 (
21
    prompt $E[36m[$T]$E[0m [ADMIN] $E[94m$P$E[0m$_$E[92m^>$E[0m
22
) else (
23
    prompt $E[36m[$T]$E[0m $E[94m$P$E[0m$_$E[92m^>$E[0m
24
)
25

26
:: Security aliases
27
doskey ls=dir $*
28
doskey clear=cls
29
doskey sysinfo=systeminfo ^| findstr /B /C:"OS" /C:"OS Version"
30
doskey ports=netstat -an ^| findstr "LISTENING"
31
doskey netinfo=ipconfig /all
32
doskey scan=ping $1
33

34
echo  [*] Security commands: sysinfo, ports, netinfo, scan
35
echo.

Save this file in your user profile folder: C:\Users\%USERNAME%\AnubhavCMD.bat

Step 2: Configure Auto-Launch#

Create a setup script to enable automatic loading:

1
@echo off
2
reg add "HKCU\Software\Microsoft\Command Processor" /v AutoRun /t REG_SZ /d "%USERPROFILE%\AnubhavCMD.bat" /f
3
echo Registry key has been set! Close this window and open a new CMD to see your customized prompt.
4
pause

Save this as SetupAutoRun.bat and run it as administrator.

Step 3: Test Your Configuration#

Close any open Command Prompt windows
Open a new Command Prompt
Your custom configuration loads automatically

CMD Console Features#

Security Commands:
- sysinfo: Quick OS information
- ports: Show listening ports
- netinfo: Network configuration
- scan: Ping utility wrapper
Enhanced Prompt:
- Shows current time
- Indicates admin privileges
- Color-coded for visibility
Professional Banner:
- Personalized header
- System information display
- Command reference

Advanced Customization Options#

Adding More Security Functions to PowerShell#

Extend your profile with additional utilities:

1
# Network Security Scanner
2
function Get-OpenPorts {
3
    param($Target = "localhost", $StartPort = 1, $EndPort = 1000)
4
    Write-Host "Scanning $Target from port $StartPort to $EndPort..." -ForegroundColor Yellow
5

6
    $StartPort..$EndPort | ForEach-Object {
7
        $port = $_
8
        $tcp = New-Object System.Net.Sockets.TcpClient
9
        try {
10
            $tcp.Connect($Target, $port)
11
            Write-Host "Port $port : OPEN" -ForegroundColor Green
12
            $tcp.Close()
13
        } catch {
14
            # Port closed or filtered
15
        }
16
    }
17
}
18

19
# Process Security Checker
20
function Get-SuspiciousProcesses {
21
    Get-Process | Where-Object {
22
        $_.Path -eq $null -or
23
        $_.Company -eq $null -or
24
        $_.Path -like "*\Temp\*"
25
    } | Select-Object Name, Id, Path, Company
26
}
27

28
# Quick Security Audit
29
function Start-SecurityAudit {
30
    Write-Host "=== Security Audit ===" -ForegroundColor Yellow
31

32
    # Check Windows Defender status
33
    Get-MpComputerStatus | Select-Object AntivirusEnabled, RealTimeProtectionEnabled, IoavProtectionEnabled
34

35
    # Check firewall status
36
    Get-NetFirewallProfile | Select-Object Name, Enabled
37

38
    # Check for suspicious scheduled tasks
39
    Get-ScheduledTask | Where-Object {$_.Author -notlike "*Microsoft*"} | Select-Object TaskName, Author, State
40
}

Enhancing CMD with More Aliases#

Add these to your AnubhavCMD.bat:

1
:: Additional security aliases
2
doskey firewall=netsh advfirewall show allprofiles
3
doskey services=sc query state= all
4
doskey processes=tasklist /v
5
doskey connections=netstat -anob
6
doskey users=net user
7
doskey shares=net share
8
doskey startup=wmic startup get caption,command
9
doskey patches=wmic qfe list brief

Security Best Practices#

1. Profile Security#

Store profiles in protected directories
Avoid hardcoding sensitive information
Use environment variables for paths
Regularly review and update profiles

2. Execution Policy Management#

For PowerShell, understand execution policies:

1
# Check current policy
2
Get-ExecutionPolicy
3

4
# Set policy for current user
5
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser

3. Logging and Auditing#

Enable PowerShell transcription for security auditing:

1
# Add to profile for automatic logging
2
Start-Transcript -Path "$env:USERPROFILE\Documents\PSTranscripts\$(Get-Date -Format 'yyyyMMdd-HHmmss').txt"

Troubleshooting Common Issues#

PowerShell Profile Not Loading#

Check profile path:
Terminal window
```
1
$PROFILE
2
Test-Path $PROFILE
```
Verify execution policy allows scripts
Ensure profile file has correct encoding

CMD Customization Not Working#

Verify registry key:

1
reg query "HKCU\Software\Microsoft\Command Processor" /v AutoRun

Check batch file path is correct
Ensure no syntax errors in batch file

Color Codes Not Displaying#

For modern Windows 10/11, enable ANSI color support:

1
reg add HKCU\Console /v VirtualTerminalLevel /t REG_DWORD /d 1

Conclusion#

A well-configured command line environment is essential for efficient security operations and system administration. These customizations provide:

Enhanced Productivity: Quick access to security tools and information
Better Visibility: Clear indication of privilege levels and system state
Professional Appearance: Clean, organized interface for daily work
Flexibility: Works across different Windows environments

Whether you’re using PowerShell or CMD, these configurations create a personalized, security-focused workspace that adapts to your workflow. The modular approach allows you to add or modify features as your needs evolve, ensuring your command line environment remains an effective tool in your security arsenal.

Remember to regularly update your profiles with new functions and utilities as you discover useful patterns in your daily work. A personalized command line is not just about aesthetics—it’s about creating an efficient, secure workspace tailored to your specific needs.