pwd | Prints the current working directory. | pwd |
ls | Lists the files and directories in the current directory. | ls |
cd | Changes the current directory. | cd /home/user/ |
cat | Displays the contents of a file. | cat filename.txt |
touch | Creates a new empty file. | touch filename.txt |
mv | Moves a file or directory. | mv filename.txt /home/user/ |
cp | Copies a file or directory. | cp filename.txt /home/user/ |
rm | Deletes a file or directory. | rm filename.txt |
mkdir | Creates a new directory. | mkdir newdirectory |
rmdir | Deletes an empty directory. | rmdir directoryname |
chmod | Changes the permissions of a file or directory. | chmod 777 filename.txt |
chown | Changes the owner of a file or directory. | chown user:group filename.txt |
ps | Displays the running processes. | ps |
top | Displays the system's processes in real-time. | top |
kill | Terminates a process. | kill PID |
ping | Tests the connectivity between two hosts. | ping google.com |
netstat | Displays the network connections. | netstat -a |
ifconfig | Displays the network interfaces and their configurations. | ifconfig |
iwconfig | Displays the wireless network interfaces and their configurations. | iwconfig |
tcpdump | Captures network traffic. | tcpdump |
nmap | Scans a network and identifies hosts and open ports. | nmap -sS 192.168.1.1 |
dig | Retrieves DNS information. | dig google.com |
whois | Retrieves domain registration information. | whois google.com |
wget | Downloads a file from the Internet. | wget https://example.com/file.zip |
curl | Transfers data from or to a server. | curl https://example.com/ |
scp | Copies files securely over SSH. | scp filename.txt user@remotehost:/home/user/ |
ssh | Connects to a remote host securely. | ssh user@remotehost |
grep | Searches for a string in a file. | grep "searchstring" filename.txt |
find | Searches for files and directories. | find / -name filename.txt |
tar | Archives files and directories. | tar -cvf archive.tar filename.txt |
unzip | Extracts files from a zip archive. | unzip archive.zip |
sed | Edits a file. | sed 's/search/replace/g' filename.txt |
awk | Processes text files. | awk '{print $1}' filename.txt |
diff | Compares two files. | diff file1.txt file2.txt |
tee | Redirects output to a file and the screen. | command |
date | Displays the system date and time. | date |
cal | Displays a calendar. | cal |
uptime | Displays the system's uptime. | uptime |
free | Displays the system's memory usage. | free |
df | Displays the disk usage. | df |
du | Displays the disk usage of files and directories. | du -h filename.txt |
history | Displays the command history. | history |
man | Displays the manual pages of a command. | man ls |
ssh-keygen | Generates an SSH key pair. | ssh-keygen |
ssh-copy-id | Copies the public key to a remote host. | ssh-copy-id user@remotehost |
openssl | Manages digital certificates and encryption. | openssl genrsa -out key.pem 2048 |
iptraf | Monitors network traffic in real-time. | iptraf |
iptables | Manages firewall rules. | iptables -L |
nc | Sends and receives data over a network connection. | nc google.com 80 |
socat | Transfers data between two connections. | socat TCP4-LISTEN:8000,fork TCP4:google.com:80 |
strace | Traces the system calls of a process. | strace ls |
ltrace | Traces the library calls of a process. | ltrace ls |
gdb | Debugs a program. | gdb program |
file | Determines the file type. | file filename |
hexdump | Displays the hexadecimal representation of a file. | hexdump -C filename |
base64 | Encodes or decodes base64 data. | base64 filename |
ncat | A modern version of netcat with additional features. | ncat google.com 80 |
ss | Displays network connections in a more detailed format. | ss -tunapl |
ngrep | Filters network traffic by regular expressions. | ngrep -i "searchstring" |
hping3 | Sends custom packets to a network host. | hping3 google.com -S -p 80 |
tcpflow | Captures and reassembles TCP streams. | tcpflow -c -i eth0 |
tcpreplay | Replays network traffic from a pcap file. | tcpreplay -i eth0 traffic.pcap |
tshark | Captures and analyzes network traffic in real-time. | tshark -i eth0 |
ettercap | Sniffs network traffic and performs MITM attacks. | ettercap -T -M arp:remote /192.168.1.1/ /192.168.1.2/ |
aircrack-ng | Cracks WEP and WPA/WPA2 keys. | aircrack-ng capture.cap |
hydra | Performs password attacks on remote services. | hydra -l username -P passwordlist.txt ssh://remotehost |
john | A password cracker for Unix/Linux. | john --wordlist=passwordlist.txt hashfile.txt |
hashcat | A password cracker for a variety of hash types. | hashcat -m 0 -a 0 hashfile.txt passwordlist.txt |
sqlmap | Automates SQL injection attacks. | sqlmap -u "http://example.com/page.php?id=1" |
nikto | Scans web servers for vulnerabilities. | nikto -h example.com |
dirb | Scans web servers for directories and files. | dirb http://example.com/ |
wpscan | Scans WordPress sites for vulnerabilities. | wpscan --url example.com |
sslscan | Scans SSL/TLS servers for vulnerabilities. | sslscan example.com:443 |
stunnel | Wraps an unsecured connection in SSL/TLS. | stunnel -c -d 127.0.0.1:8080 -r example.com:80 |
lynx | A text-based web browser. | lynx http://example.com |
nslookup | Queries DNS servers for information. | nslookup example.com |
host | Resolves IP addresses to hostnames and vice versa. | host example.com |
traceroute | Determines the path of network packets. | traceroute example.com |
mtr | Combines ping and traceroute functionality. | mtr example.com |
masscan | Scans large networks for open ports and services. | masscan 10.0.0.0/8 -p 80,443 |
snmpwalk | Retrieves information from SNMP-enabled devices. | snmpwalk -v2c -c public example.com |
smbclient | Connects to SMB/CIFS file shares. | smbclient //example.com/share -U username |
rpcclient | Connects to RPC services. | rpcclient -U username example.com |
ftp | Connects to FTP servers. | ftp example.com |
tftp | Transfers files using the Trivial File Transfer Protocol. | tftp example.com -c get file.txt |
telnet | Connects to remote hosts using the Telnet protocol. | telnet example.com 23 |
sftp | Transfers files between hosts over SSH. | sftp user@example.com |
rsync | Synchronizes files and directories between hosts. | rsync -avz /path/to/source user@example.com:/path/to/destination |
wc | Counts the number of lines, words, and characters in a file. | wc -l file.txt |
cut | Extracts columns from files. | cut -f 1,3 -d ":" file.txt |
head | Displays the first few lines of a file. | head file.txt |
tail | Displays the last few lines of a file. | tail file.txt |
less | Displays the contents of a file one page at a time. | less file.txt |
more | Displays the contents of a file one page at a time. | more file.txt |
patch | Applies patches to files. | patch -p0 < patchfile |
gunzip | Decompresses files compressed with gzip. | gunzip file.gz |
bzip2 | Compresses files using the bzip2 algorithm. | bzip2 file.txt |
bunzip2 | Decompresses files compressed with bzip2. | bunzip2 file.bz2 |
zip | Archives and compresses files and directories using the ZIP format. | zip archive.zip file.txt |
dd | Copies data between files, disks, and partitions. | dd if=/dev/zero of=/dev/sda bs=1M count=10 |
parted | Manages disk partitions. | parted /dev/sda |
fdisk | Another utility to manage disk partitions. | fdisk /dev/sda |
mount | Mounts file systems. | mount /dev/sda1 /mnt |
umount | Unmounts file systems. | umount /mnt |
lsblk | Lists information about available block devices. | lsblk |
blkid | Lists information about available block devices. | blkid |
lsof | Lists open files and the processes that have them open. | lsof file.txt |
htop | An alternative to top with more features and interactivity. | htop |
wireshark | A GUI-based network traffic analyzer. | wireshark |
netcat | Transfers data over TCP and UDP connections. | netcat example.com 80 |
medusa | Another tool for brute-forcing passwords. | medusa -u username -P /path/to/wordlist -h example.com -M http |
ncrack | A tool for brute-forcing network services. | ncrack -p 22 example.com |
metasploit | A framework for developing and executing exploits. | msfconsole |
arpspoof | Spoofs ARP packets to redirect network traffic. | arpspoof -i eth0 -t targetip gatewayip |
fcrackzip | A tool for cracking password-protected ZIP archives. | fcrackzip -u -D -p /path/to/wordlist.zip file.zip |
tcp_wrappers | Controls access to network services based on IP addresses and domain names. | /etc/hosts.allow |
screen | A terminal multiplexer that allows multiple sessions in a single window. | screen |
tmux | Another terminal multiplexer with more features than screen. | tmux |
sort | Sorts lines in text files. | sort file.txt |
uniq | Removes duplicate lines in text files. | uniq file.txt |
locate | Searches for files and directories using an index of the filesystem. | locate file.txt |
which | Shows the path of a command. | which grep |
systemctl | Manages system services on systemd-based Linux distributions. | systemctl start/stop/restart/status service |
uname | Displays system information, such as the kernel version. | uname -a |
iftop | Displays network traffic in real-time. | iftop |
ip | Shows and configures network interfaces and routing. | ip addr |
route | Shows and configures the system's routing table. | route |
arp | Displays and modifies the system's ARP cache. | arp |
echo | Prints text to the terminal. | echo "Hello, world!" |
watch | Repeatedly runs a command and displays its output. | watch -n 1 ls -l |
sleep | Suspends execution for a specified amount of time. | sleep 10 |
exit | Terminates the current shell session. | exit |
netdiscover | A tool for discovering hosts on a network. | netdiscover -i eth0 |
arp-scan | A tool for scanning for live hosts on a network. | arp-scan --interface=eth0 --localnet |
enum4linux | A tool for enumerating information from Windows and Samba systems. | enum4linux -a target |
wfuzz | A tool for fuzzing web applications. | wfuzz -c -w wordlist.txt http://target/FUZZ |
burp | A web application security testing tool. | burpsuite |
dnsenum | A tool for enumerating DNS information. | dnsenum target |
fierce | A tool for DNS reconnaissance. | fierce -dns target |
theharvester | A tool for gathering email accounts, subdomains, and hosts. | theharvester -d target -l 500 -b google |
exploitdb | A database of exploits and vulnerable software. | searchsploit |
metagoofil | A tool for extracting metadata from public documents. | metagoofil -d target -t pdf -l 200 -n 50 |
exiftool | A tool for reading and writing metadata in image files. | exiftool image.jpg |
steghide | A tool for hiding data in image and audio files. | steghide embed -cf image.jpg -ef secret.txt |
volatility | A tool for analyzing memory dumps. | volatility -f memory.dump imageinfo |
dnsrecon | A tool for performing DNS reconnaissance. | dnsrecon -d target |
gobuster | A tool for brute-forcing URIs and directories. | gobuster dir -u http://target -w wordlist.txt |
joomscan | A tool for scanning Joomla! websites for vulnerabilities. | joomscan -u target |
dirbuster | A tool for brute-forcing URIs and directories. | dirbuster -u http://target -w wordlist.txt |
zaproxy | An open-source web application security scanner. | zap.sh |
pwdump | A tool for dumping Windows passwords from the SAM database. | pwdump SYSTEM SAM |
mimikatz | A tool for dumping Windows credentials from memory. | mimikatz.exe "sekurlsa::logonpasswords" |
psexec | A tool for executing commands on remote Windows systems. | psexec target cmd.exe |
smtp-user-enum | A tool for enumerating email accounts on a mail server. | smtp-user-enum -M VRFY -U users.txt -t target |
johntheripper | A password-cracking tool. | john --wordlist=passwords.txt hashfile |
hashid | A tool for identifying the type of a hash. | hashid hash |
hash-identifier | A tool for identifying the type of a hash. | hash-identifier hash |
hashcat-utils | A set of utilities for working with hash files. | hcat_hashes.sh hashfile |
crunch | A tool for generating wordlists. | crunch 8 8 -t @@@@@@@@ |
ophcrack | A tool for cracking Windows passwords. | ophcrack |
bkhive | A tool for extracting Windows registry hives. | bkhive SYSTEM registry-hive |
samdump2 | A tool for dumping Windows password hashes. | samdump2 SYSTEM SAM |
wce | A tool for dumping Windows credentials from memory. | wce |
wmiexec | A tool for executing commands on remote Windows systems using WMI. | wmiexec.py user:password@target "command" |
winexe | A tool for executing commands on remote Windows systems using SMB. | winexe -U user%password //target "command" |
mitmproxy | A tool for intercepting and modifying HTTP/HTTPS traffic. | mitmproxy |
sslstrip | A tool for stripping SSL/TLS encryption from HTTPS traffic. | sslstrip -l 8080 |
dnswalk | A tool for DNS reconnaissance. | dnswalk -r target |
recon-ng | A tool for reconnaissance and information gathering. | recon-ng |