Latest revision as of 21:33, 16 May 2025

Linux Commands

Linux command‑line tools are the backbone of reconnaissance, exploitation, and post‑exploitation on Unix‑like systems.

Understanding Linux commands provides direct access to system internals, automation, and control. Many security tools and scripts rely on command-line operations for efficiency and precision. In ethical hacking, the ability to navigate filesystems, manage processes, inspect network configurations, and manipulate data through the terminal creates a strong foundation for tasks such as enumeration, privilege escalation, and persistence.

Proficiency with core commands accelerates workflow, reduces reliance on graphical interfaces, and improves situational awareness during engagements. Whether working locally or through remote shells, command-line skills increase control and adaptability across diverse environments.

Common Commands

Navigation & File Management

Command	Description	Usage
`pwd`	Print working directory	`pwd`
`cd`	Change directory	`cd [DIRECTORY]`
`ls`	List directory contents	`ls [OPTIONS] [FILE...]`
`tree`	Recursively list directories as tree	`tree [DIRECTORY]`
`mkdir`	Create directory	`mkdir [OPTIONS] DIRECTORY`
`rmdir`	Remove empty directory	`rmdir DIRECTORY`
`cp`	Copy files or directories	`cp SOURCE DEST`
`mv`	Move or rename files/directories	`mv SOURCE DEST`
`rm`	Delete files or directories	`rm [OPTIONS] FILE...`
`touch`	Create empty file or update timestamp	`touch FILENAME`
`ln`	Create hard or symbolic links	`ln [OPTIONS] TARGET LINK_NAME`
`stat`	Display detailed file information	`stat FILE`
`file`	Detect file type	`file FILE`
`basename`	Strip directory and suffix from filename	`basename PATH`
`dirname`	Extract directory part of file path	`dirname PATH`
`find`	Search for files and directories	`find [PATH] [OPTIONS] [EXPRESSION]`
`locate`	Find files using database (faster than find)	`locate FILENAME`
`chmod`	Change file permissions	`chmod [OPTIONS] MODE FILE`
`chown`	Change file ownership (user)	`chown [OPTIONS] USER FILE`
`chgrp`	Change group ownership	`chgrp [OPTIONS] GROUP FILE`
`umask`	Set default file permission mask	`umask [MASK]`
`tar`	Archive files into tarball	`tar -czf ARCHIVE.tar.gz FILES`
`gzip`	Compress files using Gzip	`gzip FILE`
`gunzip`	Decompress Gzip files	`gunzip FILE.gz`
`zip`	Compress files into ZIP archive	`zip ARCHIVE.zip FILES`
`unzip`	Extract ZIP archive	`unzip ARCHIVE.zip`
`dd`	Copy and convert data (low-level)	`dd if=SOURCE of=DEST bs=BLOCKSIZE`
`mount`	Mount a filesystem	`mount [DEVICE] [MOUNTPOINT]`
`umount`	Unmount a filesystem	`umount [MOUNTPOINT]`
`namei`	Follow a file path, showing each component	`namei PATH`
`readlink`	Resolve symbolic link to actual path	`readlink FILE`
`realpath`	Print the resolved absolute file path	`realpath FILE`
`mktemp`	Create a temporary file or directory	`mktemp [TEMPLATE]`

Viewing & Text Processing

Command	Description	Usage
`cat`	Concatenate & display files	`cat [OPTIONS] FILE...`
`less`	Paginate large files	`less FILE`
`more`	View file one page at a time	`more FILE`
`head`	Show first lines of a file	`head [OPTIONS] FILE`
`tail`	Show last lines / follow file	`tail [OPTIONS] FILE`
`grep`	Search for patterns	`grep [OPTIONS] PATTERN FILE`
`awk`	Pattern scanning & processing language	`awk 'pattern { action }' FILE`
`sed`	Stream editor for filtering & transforming text	`sed [OPTIONS] 'SCRIPT' FILE`
`cut`	Remove sections from each line	`cut [OPTIONS] FILE`
`tr`	Translate or delete characters	`tr SET1 SET2`
`sort`	Sort lines of text files	`sort [OPTIONS] FILE`
`uniq`	Filter out repeated lines	`uniq [OPTIONS] FILE`
`wc`	Count lines, words, bytes	`wc [OPTIONS] FILE`
`nl`	Number lines of a file	`nl FILE`
`diff`	Show differences between files	`diff FILE1 FILE2`
`tee`	Read from stdin and write to file and stdout	tee FILE

System & User Info

Command	Description	Usage
`whoami`	Show current user	`whoami`
`id`	Display user/group IDs	`id [USERNAME]`
`df`	Disk usage overview	`df [OPTIONS]`
`du`	Show disk usage for files/directories	`du [OPTIONS] [PATH]`
`uptime`	Show how long the system has been running	`uptime`
`uname`	System information (kernel, OS, architecture)	`uname -a`
`hostname`	Show or set system hostname	`hostname`
`date`	Display or set system date/time	`date`
`cal`	Display a calendar	`cal`
`env`	Show environment variables	`env`
`set`	Display shell variables and functions	`set`
`history`	List previously executed commands	`history`
`ps`	Display running processes	`ps aux`
`top`	Real-time system process monitor	`top`
`kill`	Terminate process by PID	`kill [-9] PID`
`pkill`	Kill processes by name	`pkill PROCESS_NAME`
`pgrep`	Search for processes by name	`pgrep PROCESS_NAME`
`w`	Show who is logged in and what they are doing	`w`
`who`	Show who is logged in	`who`
`last`	Show login history	`last`
`free`	Show memory usage	`free -h`

User & Group Management

Command	Description	Usage
`useradd`	Add new user	`useradd [OPTIONS] USERNAME`
`usermod`	Modify existing user	`usermod [OPTIONS] USERNAME`
`userdel`	Remove user	`userdel [OPTIONS] USERNAME`
`groupadd`	Create new group	`groupadd GROUP`
`groupdel`	Delete group	`groupdel GROUP`
`passwd`	Set/modify user password	`passwd USERNAME`

Security & Permissions

Command	Description	Usage
`sudo`	Execute command as another user (root by default)	`sudo COMMAND`
`su`	Switch user context	`su [USER]`
`setfacl`	Set POSIX ACL on files/directories	`setfacl -m u:USER:rwx FILE`
`getfacl`	View POSIX ACL	`getfacl FILE`

Process & Job Control

Command	Description	Usage
`jobs`	List background/paused jobs	`jobs -l`
`bg`	Resume job in background	`bg %1`
`fg`	Bring job to foreground	`fg %1`
`nohup`	Run command immune to hangup	`nohup COMMAND &`
`disown`	Remove job from shell’s job table	`disown %1`
`nice`	Start task with priority	`nice -n 10 COMMAND`
`renice`	Change priority of running PID	`renice +5 PID`

System Monitoring & Performance

Command	Description	Usage
`htop`	Interactive process viewer	`htop`
`vmstat`	Report virtual memory stats	`vmstat 1`
`iostat`	CPU & I/O statistics	`iostat -xz 1`
`iotop`	Real‑time I/O usage	`iotop`
`dstat`	Versatile resource stats	`dstat -tcm --top-io`

Disk & Filesystem Management

Command	Description	Usage
`lsblk`	List block devices	`lsblk -f`
`blkid`	Locate/print block device attributes	`blkid DEVICE`
`fdisk`	Partition table editor (MBR)	`fdisk /dev/sda`
`parted`	Partition tool (GPT/MBR)	`parted /dev/sda`
`mkfs`	Create filesystem on device	`mkfs.ext4 /dev/sda1`
`fsck`	Check/repair filesystem	`fsck -f /dev/sda1`
`tune2fs`	Adjust ext2/3/4 filesystem params	`tune2fs -l /dev/sda1`

Networking

Command	Description	Usage
`ping`	Test network connectivity (ICMP)	`ping [OPTIONS] DESTINATION`
`curl`	Retrieve data from URLs / APIs	`curl [OPTIONS] URL`
`ssh`	Secure remote shell & tunnelling	`ssh [OPTIONS] USER@HOST`

Package & Software Management

Command	Description	Usage
`apt`	Debian/Ubuntu package tool	`apt update && apt upgrade`
`dnf`	Fedora/RHEL package manager	`dnf install PACKAGE`
`yum`	Legacy RHEL/CentOS package tool	`yum remove PACKAGE`
`pacman`	Arch Linux package manager	`pacman -Syu`
`dpkg`	Debian low‑level package tool	`dpkg -i PACKAGE.deb`
`rpm`	RPM low‑level package tool	`rpm -q PACKAGE`
`snap`	Universal package system	`snap install APP`
`flatpak`	Sandboxed app manager	`flatpak install REMOTE APP`

Scripting & Automation

Command	Description	Usage
`bash`	GNU Bourne‑Again Shell	`#!/usr/bin/env bash`
`sh`	POSIX shell	`sh SCRIPT.sh`
`crontab`	Schedule recurring jobs	`crontab -e`
`at`	Schedule one‑time tasks	at 02:00
`alias`	Create command shortcuts	`alias ll='ls -alh'`
`export`	Set environment variables	`export PATH=$PATH:/custom/bin`

Help & Documentation

Command	Description	Usage
`man`	Read manual pages	`man COMMAND`
`echo`	Display text / variables	`echo [STRING]`

|}

Examples

Print Working Directory

pwd
# /home/user

@@ Line 71: / Line 71: @@
 |-
 | [[#ex-umount|<code>umount</code>]] || Unmount a filesystem || <code>umount [MOUNTPOINT]</code>
+|-
+| [[#ex-namei|<code>namei</code>]] || Follow a file path, showing each component || <code>namei PATH</code>
+|-
+| [[#ex-readlink|<code>readlink</code>]] || Resolve symbolic link to actual path || <code>readlink FILE</code>
+|-
+| [[#ex-realpath|<code>realpath</code>]] || Print the resolved absolute file path || <code>realpath FILE</code>
 |-
 | [[#ex-mktemp|<code>mktemp</code>]] || Create a temporary file or directory || <code>mktemp [TEMPLATE]</code>
@@ Line 310: / Line 316: @@
 <syntaxhighlight lang="bash">
 pwd
+# /home/user
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-cd"></span>Change Directory ===
 <syntaxhighlight lang="bash">
 cd /var/www
+# (no output)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
-=== <span id="ex-ls"></span>List All Files (long + hidden) ===
+=== <span id="ex-ls"></span>List All Files (long + hidden) ===
 <syntaxhighlight lang="bash">
 ls -la
+# total 12
+# drwxr-xr-x  3 user user 4096 May 16 22:15 .
+# drwxr-xr-x 18 user user 4096 May 16 21:00 ..
+# -rw-r--r--  1 user user    0 May 16 22:15 index.html
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-mkdir"></span>Create Directory ===
 <syntaxhighlight lang="bash">
 mkdir backups
+# (no output)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-rmdir"></span>Remove Empty Directory ===
 <syntaxhighlight lang="bash">
 rmdir backups
+# (no output)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-cp"></span>Copy File ===
 <syntaxhighlight lang="bash">
 cp secrets.txt /tmp/secrets.bak
+# (no output)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-mv"></span>Move & Rename ===
 <syntaxhighlight lang="bash">
 mv old.log archive/old.log
+# (no output)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
-=== <span id="ex-rm"></span>Force‑Delete Directory ===
+=== <span id="ex-rm"></span>Force-Delete Directory ===
 <syntaxhighlight lang="bash">
 rm -rf /tmp/testdir
+# (no output)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-cat"></span>Show File Contents ===
 <syntaxhighlight lang="bash">
 cat /etc/passwd | grep ":/bin/bash"
+# root:x:0:0:root:/root:/bin/bash
+# user:x:1000:1000:User,,,:/home/user:/bin/bash
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-less"></span>View Large Log ===
 <syntaxhighlight lang="bash">
 less /var/log/auth.log
+# (opens file in pager; press q to quit)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
-=== <span id="ex-head"></span>First 10 Lines ===
+=== <span id="ex-head"></span>First 10 Lines ===
 <syntaxhighlight lang="bash">
 head -n 10 notes.txt
+# Line 1
+# Line 2
+# Line 3
+# Line 4
+# Line 5
+# Line 6
+# Line 7
+# Line 8
+# Line 9
+# Line 10
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-tail"></span>Follow File Growth ===
 <syntaxhighlight lang="bash">
 tail -f /var/log/nginx/access.log
+# 192.168.1.5 - - [16/May/2025:22:30:01 +0200] "GET / HTTP/1.1" 200 1234
+# 192.168.1.5 - - [16/May/2025:22:30:02 +0200] "GET /favicon.ico HTTP/1.1" 404 564
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-grep"></span>Search Pattern ===
 <syntaxhighlight lang="bash">
-grep -R \"passwd\" /etc
+grep -R "passwd" /etc
+# /etc/login.defs:PASS_MAX_DAYS   99999
+# /etc/pam.d/common-password:password requisite pam_pwquality.so retry=3
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-whoami"></span>Current User ===
 <syntaxhighlight lang="bash">
 whoami
+# user
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-id"></span>User & Group IDs ===
 <syntaxhighlight lang="bash">
 id
+# uid=1000(user) gid=1000(user) groups=1000(user),27(sudo)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
-=== <span id="ex-df"></span>Human‑Readable Disk Usage ===
+=== <span id="ex-df"></span>Human-Readable Disk Usage ===
 <syntaxhighlight lang="bash">
 df -h
+# Filesystem      Size  Used Avail Use% Mounted on
+# /dev/sda1        30G   12G   17G  42% /
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
-=== <span id="ex-history"></span>Show Last 20 Commands ===
+=== <span id="ex-history"></span>Show Last 20 Commands ===
 <syntaxhighlight lang="bash">
 history | tail -n 20
+#  981  ls
+#  982  cd /var/www
+#  983  vim index.html
+# ...
+# 1000  exit
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
-=== <span id="ex-ping"></span>Ping Host 4 Times ===
+=== <span id="ex-ping"></span>Ping Host 4 Times ===
 <syntaxhighlight lang="bash">
 ping -c 4 example.com
+# PING example.com (93.184.216.34) 56(84) bytes of data.
+# 64 bytes from 93.184.216.34: icmp_seq=1 ttl=56 time=12.3 ms
+# 64 bytes from 93.184.216.34: icmp_seq=2 ttl=56 time=12.1 ms
+# 64 bytes from 93.184.216.34: icmp_seq=3 ttl=56 time=12.0 ms
+# 64 bytes from 93.184.216.34: icmp_seq=4 ttl=56 time=12.2 ms
+# --- example.com ping statistics ---
+# 4 packets transmitted, 4 received, 0% packet loss, time 3005ms
+# rtt min/avg/max/mdev = 12.012/12.173/12.325/0.123 ms
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-curl"></span>Download Web Page ===
 <syntaxhighlight lang="bash">
 curl -o index.html http://example.com
+#   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
+#                                  Dload  Upload   Total   Spent    Left  Speed
+# 100  1270  100  1270    0     0   2500      0 --:--:-- --:--:-- --:--:--  2500
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-ssh"></span>SSH on Custom Port ===
 <syntaxhighlight lang="bash">
 ssh -p 2222 user@target
+# The authenticity of host 'target (192.168.1.50)' can't be established.
+# ED25519 key fingerprint is SHA256:abc123...
+# Are you sure you want to continue connecting (yes/no/[fingerprint])?
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-man"></span>Read Manual Page ===
 <syntaxhighlight lang="bash">
 man ssh
+# (opens manual page; press q to quit)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 === <span id="ex-echo"></span>Write to File ===
 <syntaxhighlight lang="bash">
-echo \"hacked\" > /tmp/proof.txt
+echo "hacked" > /tmp/proof.txt
+# (no output)
 </syntaxhighlight>
-''[[#commands|↑ Commands]]''
+''[[#commands|↑ Commands]]''
 == See Also ==

Basic Linux Commands: Difference between revisions

Latest revision as of 21:33, 16 May 2025

Linux Commands

Common Commands

Navigation & File Management

Viewing & Text Processing

System & User Info

User & Group Management

Security & Permissions

Process & Job Control

System Monitoring & Performance

Disk & Filesystem Management

Networking

Package & Software Management

Scripting & Automation

Help & Documentation

Examples

Print Working Directory

Change Directory

List All Files (long + hidden)

Create Directory

Remove Empty Directory

Copy File

Move & Rename

Force-Delete Directory

Show File Contents

View Large Log

First 10 Lines

Follow File Growth

Search Pattern

Current User

User & Group IDs

Human-Readable Disk Usage

Show Last 20 Commands

Ping Host 4 Times

Download Web Page

SSH on Custom Port

Read Manual Page

Write to File

See Also

Navigation menu

Search

User & Group Management

Process & Job Control

Disk & Filesystem Management

Package & Software Management