| Command | Description |
|---|
| netstat -ntlp | Shows opened ports |
| nc <ip> <port> -v | Test connectivity on specified <ip>:<port> |
| telnet <ip> <port> | Test connectivity on specified <ip>:<port> |
| nc -l <port> < file.txt | Opens up a port and sends the content of the file to whoever connects to that port |
| rpm -ql <pack.rpm> | Shows all files contained by specified RPM file |
| rpm -qf <file> | Search what RPM contains the selected file |
| rpm -qV | Verify if a RPM was altered after installation |
| typeset|grep TTY | Shows the name of the terminal you are logged in |
| env|grep TTY | Shows the name of the terminal you are logged in |
| type <binary> | Shows the location of a executable file |
| tcpdump -n -i eth0 tcp port <port> | Listen all tcp packets coming on a specified port |
| last | List of everyone who logged in |
| w | Who is currently logged in |
| rpmbuild –rebuild package.src.rpm | Rebuild rpm from sources |
| rpm -Uvh –nomd5 <link>.src.rpm | Install a src.rpm package |
| rpmbuild -ba /usr/src/redhat/SPECS/<pachet>.spec | Compile a spec file |
| find /location -name “*.txt” -exec grep -l <text> {} \; | Searches all files containing <text> |
| ldd <binary> | Shows all libraries used by a file |
| lsof <binary> | Shows all opened files in use by a binary |
| kill -9 $$ | Kills current shell session without saving in history |
| strace -o /locatie/fisier.out <comanda> | Logs strace output |
| sestatus | Sows selinux staus |
| setenforce 0 | Disable selinux |
| ls | wc -l | Number of files in a folder |
| command &> file.txt | Redirect standard output and standard error to file.txt |
| command 2>file | Standard error to file |
| find /tmp -perm -o=w | Finds all files that can be written by others |
| chattr +i <file> | set Immutable ON. file cannot be edited until removing flag |
| ssh -R <port_home>:localhost:22 <user>@<ip_home> | Reverse tunnel from remote location to location <home> |
| ssh -p <port_home> localhost | Connect from location <home> to remote location using reverse tunnel |
| ssh -D 5555 <proxy_host> | Connect to a host in order to use the connection as a proxy(in browser) Using port 5555 |
| lynx –mime_header http://site.com | Returns headers |
| python -m SimpleHTTPServer | Start a http server in the current location |
| scp /location/file <user>@<server>:/location/file | Copy file from one server to another |
| fuser -m /backup | See who uses partition /backup |
| free -m | Free ram space |
| mount -t nfs <ip>:/location /mount_point | mount nfs partition |
| dos2unix <file> | Prepare a Windows file for Linux |
| tail -f <file.log> | Watch changes on a log file as it gets written |
| screen | Start a screen |
| Ctrl+A+D | Detach screen |
| screen -ls | Show running screens |
| screen -R | Reattach screen |
| screen -x | Attach to a not detached screen session |
| Ctrl+R | Reverse search |
| df -h | Free space on HDD |
| du -sh * | Show size of all files |
| dmesg | tail | Kernel log |
| grep <word> -ri | Search a word in all files in a directory. Reverse+ignore case |
| tar -p –same-owner -cvf /location/file.tar.gz /location/ | Archive folder and preserve rights |
| read -s -p”Password: ” USER_PASSWORD_VARIABLE; echo | Shell command to read password into variable |
| ls -lrt | List content of folder and sort by date |
| jobs -l | Show running jobs with PID |
| Ctrl+l | Clear scree |
| Ctrl+u | Clear line |
| Ctrl+w | Delete last word |
| ps aux | List process |
| test -d <folder> || mkdir <folder> | Test if folder exists and create it if it doesn’t |
| export HISTSIZE=10000 | Expand history buffer |
| uname -a |tee out.txt | Show output on screen and also write it to file |
| rpm -q –scripts <RPM> | Show pre/post install scripts of an installed RPM |
| netstat -net | Show established connections |
| mount -o loop imagine.iso /test | Mount Iso image |
| iptables -t nat -nL | Show redirect rules for iptables |
| sed s/cookie/brownie/g <cookies.txt >brownie.txt | Replace all ”cookie” with “brownie” and write output |
| tcpdump -i eth0 port <port> and host <host> | Listen all TCP on port and from host |
| sort -t : -k3,2 /etc/passwd | Sort all lines by the first 2 letters of the 3rd column. Delimiter is “:” |
| diff -qr /dir1 /dir2 | Verify if the files from the 2 directories differ |
| rpm -qlp | Show the content of a not installed RPM |
| rpm2cpio <rpm> | cpio -idmv | Extract the content of a RPM |
| chage -l <user> | Expiration date for a user’s password |
| chage -m 0 -M 99999 -I -1 -E -1 <user> | Set a user’s password to never expire |
| iostat | Shows read writes to partitions to disk |
| netstat -pantu | Show established connections wih the PID number |
| stat <file> | Show information about a file. Write/read access … |
| fuser <file> | Shows what process is using a file. Useful for unmounting partition troubleshooting |
| iftraf | Tool for traffic monitoring |
| lsof|grep delete | Shows deleted files that are still in use. still filling up space |
| partprobe | Update kernel info after partition modifications |
| vmstat 2 3 | Shows info about ram/swap/io/cpu every 2 seconds 3 times |
| ps -p $$ | Show running shell |
| source .bashrc | Rerun bashrc |
| !? | Exit status of the last command |
| !$ | Parameters of the last command |
| !! | Run last command |
| $# | Number of parameters for a shell script |
| $1 | 1st parameter of a script |
| tput setaf 1 | Change font color |
| sh -x file.sh | Run in debug mode. Show all steps |
| arp -na | Show arp table |
| ping <ip>;arp | Shows the mac address of the pinged ip |
| arping -I <interfata> <ip> | Shows the mac of the ip |
| ll |awk ‘{print $4}’ | Print the 4th column |
| zless <archive> | Shows compressed text files |
| bzless <archive> | Shows compressed text files |
| showmount -e <nfs server> | Shows info o a NFS Server |
| sed ‘s/passwd=[a-f0-9]*/REPLACED PASSWORD/g’ in > out | Trim out password from a file |
| ln -s /usr/share/zoneinfo/UTC /etc/localtime | Set localtime to UTC |
| cat /etc/services | Show standard ports |
| host -t ns domain.com | Shows NS of a domain |
| nohup <command/script/..> | Runs a script detached from he current shell session |
| alien file.rpm | Transform a rpm to a deb file |
| dpkg -i file.deb | Install a deb file |
| strace -p <PID> -e trace=network -F -s 5000 | Network activity of a process |
| vi /etc/security/access.conf | Deny users to run cronjobs |
| chage -d 0 <user> | Force a user to change pass at first login |
| lspci | List pci devices |
| lsusb | List usb devices |
| getfacl /folder | Gets ACL of a folder |
| setfacl -m u:test:rw /folder | Allow user test rw on the /folder. Partition needs to be mounted with acl option on |
| grep -v ^# fisier|grep -v -e “^$” | Removes comments and white lines and shows the content of a file |
| :%s/old/new/g | Find and replace in VI |
| kill -USR1 <pid> | Shows the progress of a dd command |
| vi /etc/nologin | Deny access to non super user. Show message in file |
| utmpdump /var/log/wtmp | Read login log file |
| cat /proc/cmdline | Show parameters that kernel loaded at boot |
| ctrl+x e | Open VI for a long,complicated command |
| <space> command | Do not save in history |
| alt . | Paste on cli the argument of the last command |
| dig +short txt keyword.wp.dg.cx | Search Wikipedia for word “keyword” over DNS |
| sshfs <user>@<host>:/path /local_path | Mount folder through ssh. fusermount -u /local_path for umount |
| vim -x file | Add password to a file |
| grep -B 3 <text> <location> | Shows the occurrence of <test> plus the 3 rows before. -A after, -C center |
| pgrep apache | Shows all pids of an apache progress |
| Ctrl+<left> | Moves the cursor a word at a time. works in vi and on the command line.works with right arrow also |
| Ctrl+k | Deletes from the end of a line to the cursor.opposite Ctrl+W |
| rdate -sp <server> | Sync clock with ntp. |
| ntpstat | Checks is the time is synchronized with ntp |
| hdparm -tT /dev/sda1 | Check disk speed |
| sshuttle –dns -vvr user@bash.proxy.com 0/0 | Poor man VPN. easy way to secure ALL trafic through ssh |
| ab -n 100 -c 10 www.website.com | apache benchmark. sends 100 requests, 10 at a time to stress a server |
| ipcalc -c <ip>/<netmask> | Ip calculator |
| dig @ns0.website <zone> axfr | Returns all records from a zone |
| cat ip12 | grep -E -o ‘(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)’ | Returns all ips from a file |
| :(){ :|: & };: | Fork bomb |
| figlet “test” | Ascii text |
| ps aux|awk ‘{print $1 $2}’ | Print 1st and 2nd column |
| sed -i “s/foo/bar/g” file | Edit the file, replace all occurances of foo with bar |
| kill -USR1 <pid> | Shows the progress of a in progress “dd” command. You can find the pid with ps |
| find ./ -inum number -exec rm -i {} ; | Deletes a file by its inode |
| ip addr add 192.168.0.1 dev eth0 | Assign ip address |
| ip route add 192.168.0.0/23 dev eth0 | Assign route |
| route add default gw 10.150.84.1 | Add default gateway |
yum --showduplicates list </td>| Shows all rpm versions in repo | </tr>
| mail -s "subject" -r "sender@mail.com" receiver@mail.com <<< "text" | Send mail with return address set |
ps -o etime </td>| How long ago a process was started | </tr>
| cat << 'EOF'|tee input.sh|bash | Run commands on separate lines and also add them to script |
| pkill [part_of_process_name] | Kills the processes named part_of_process_name even if its not the full name |
| shopt -s cdspell | You can change directory even if you misspell the name |
| cat << EOF >> file.txt | Start writing a file line by line until you enter EOF |
| curl wttr.in/london | Wheather in terminal |
| path=${1?Error argument..} | Path receives first argument passed to the script, or Error of no argument |
| ls *.{sh,py} | List all shell and python scripts |
| tr -dc A-Za-z0-9_ < /dev/urandom |head -c12|xargs | Generate random password |
| bash | lolcat -a -s 250 | Make your terminal interactive and fun |
cat < index.html</td>| Write to file directly from bash | </tr>
hping3 -c 1 -s 123 -p 80 -S </td>Send one TCP SYN to :80 from source port 123</td></tr>
| ping 0|while read a; do echo `date +%T` $a; done | Add date in front of a ping |
| crtl+a | Go to begining of the line |
| crtl+e | Go to end of the line |
| lsof -i -Pn | Listening and established connections |
| ps -eLf | List running threads |
| top + 'H' | List running threads |
| lscpu | Processor details. threads/core |
| yum list installed | Shows installed packages. Like rpm -qa. Also shows repository that was used |
| dig NS www.domain.com | Find nameservers for a certain domain |
dig -x </td>| Reverse DNS search for an ip | </tr>
| tcpdump -nn port 53 -c 100 | Exit exit after first 100 captures disable name and port resolution |
| dig @[nameserver] [domain] +norecurse | Get a non cached response from an authoritive DNS Server |
dig +trace</td>| Traceroute for DNS queries | </tr>
</table>
| | | | | | |
