2. 30 Commands of Linux Operating System
ls
The `ls` command is used to list the contents of a directory. It displays the names of files and directories within the current or specified directory. This command can be enhanced with options such as `-l` for a detailed listing and `-a` to include hidden files. It is widely used for navigation and file management in Unix/Linux systems.
ls

lscpu
The `lscpu` command is a powerful utility used to display detailed information about the CPU architecture of a system. It provides details such as the CPU architecture type, operational modes (32-bit or 64-bit), byte order, number of CPUs, threads per core, cores per socket, and vendor-specific information like the CPU model name and family. This command is helpful for system administrators, developers, or users performing system performance analysis or hardware compatibility checks.
lscpu

lsblk
The `lsblk` command displays detailed information about block devices, such as hard drives, SSDs, and partitions. It provides a tree-like structure showing the device names, types, sizes, and mount points. This command is useful for analyzing storage configurations and managing disk partitions.
lsblk

lspci -tv
The `lspci -tv` command is used to display detailed information about PCI devices connected to the system in a tree-like structure. It provides a hierarchical view of devices such as graphics cards, network cards, and other PCI-compliant hardware. This command is useful for diagnosing hardware configurations or troubleshooting issues related to PCI devices.
lspci -tv

lshw
The `lshw` command is used to list detailed information about the hardware configuration of a system. It provides insights into CPU, memory, disks, and other hardware components, making it a valuable tool for system analysis and troubleshooting.
lshw

cat /proc/cpuinfo
The `cat /proc/cpuinfo` command displays detailed information about the CPU, including its model, vendor ID, speed, cache size, and number of cores. It reads directly from the system's `/proc` virtual file system to provide accurate hardware data.
cat /proc/cpuinfo

cat /proc/meminfo
The `cat /proc/meminfo` command provides detailed information about system memory, including total available memory, free memory, and memory usage by the kernel. It is helpful for monitoring system performance and debugging memory-related issues.
cat /proc/meminfo

cat /proc/mounts
The `cat /proc/mounts` command lists all mounted file systems along with details such as the mount point, file system type, and mount options. It is useful for understanding current storage configurations and diagnosing file system issues.
cat /proc/mounts

free -h
The `free -h` command displays the system's memory usage in a human-readable format. It shows total, used, free, and available memory, providing a quick overview of memory allocation for performance monitoring.
free -h

sudo dmidecode
The `sudo dmidecode` command retrieves hardware information directly from the system's BIOS. It provides details about components such as the processor, memory, and system manufacturer, making it essential for hardware diagnostics and inventory management.
sudo dmidecode

df -h
The `df -h` command displays disk space usage for all mounted file systems in a human-readable format. It shows details such as total space, used space, available space, and usage percentage for each file system.
df -h

du -sh [directory_name]
The `du -sh [directory_name]` command shows the disk space used by a specified directory in a summarized and human-readable format. It is helpful for quickly identifying storage usage by directories.
du -sh [directory_name]

ps
The `ps` command lists the currently running processes for the current user in the terminal. It provides details such as process IDs, terminal identifiers, and CPU usage statistics.
ps

ps aux
The `ps aux` command lists all running processes on the system, including those from other users and without controlling terminals. It is a comprehensive view of system activity and resource utilization.
ps aux

top
The `top` command displays a dynamic real-time view of running processes, sorted by resource usage. It includes information on CPU, memory usage, process IDs, and user details.
top

htop
The `htop` command provides an interactive and user-friendly way to monitor system processes and resources. It displays CPU, memory, and swap usage, allowing users to manage processes directly from the interface.
htop

which [command]
The `which [command]` command searches for the executable file of a given command in directories listed in the `$PATH` environment variable. It is useful for identifying the location of command binaries.
which [command]

whereis [command]
The `whereis [command]` command locates the binary, source code, and manual page of a given command. It is helpful for quickly finding all related files for a command.
whereis [command]

mkdir [directory_name]
The `mkdir [directory_name]` command creates a new directory with the specified name. It is commonly used for organizing files and structuring directories.
mkdir [directory_name]

rm [file_name]
The `rm [file_name]` command removes the specified file from the file system. Use caution as deleted files cannot be recovered without backups.
rm [file_name]

cp [source_file] [destination_file]
The `cp [source_file] [destination_file]` command copies the contents of the source file to the destination file. It can also be used to copy directories using the `-r` flag.
cp [source_file] [destination_file]

mv [source_file] [destination_file]
The `mv [source_file] [destination_file]` command moves a file to a new location or renames it. It is useful for reorganizing files and directories.
mv [source_file] [destination_file]

touch [file_name]
The `touch [file_name]` command creates a new, empty file with the specified name. It can also be used to update the timestamp of an existing file.
touch [file_name]

cat [source_file] >> [destination_file]
The `cat [source_file] >> [destination_file]` command appends the contents of the source file to the destination file without overwriting its existing content.
cat [source_file] >> [destination_file]

sed 's/[old_string]/[new_string]/g' [file_name]
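The `sed 's/[old_string]/[new_string]/g' [file_name]` command uses the stream editor to search and replace all occurrences of `[old_string]` with `[new_string]` in a file. The result is written to standard output; the file itself is only modified when the `-i` option is added.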
sed 's/[old_string]/[new_string]/g' [file_name]

curl -o [filename] [url]
The `curl -o [filename] [url]` command downloads the contents of the specified URL and saves it to the specified file. It is commonly used to fetch files from the internet.
curl -o [filename] [url]

head [file_name]
The `head [file_name]` command displays the first ten lines of a file. It is useful for quickly viewing the beginning of a file.
head [file_name]

tail [file_name]
The `tail [file_name]` command displays the last ten lines of a file. It is useful for monitoring logs and checking recent updates in files.
tail [file_name]

gpg -c [file_name]
The `gpg -c [file_name]` command encrypts a file using GPG symmetric encryption. It prompts the user to enter a passphrase to secure the file, making it useful for protecting sensitive information.
gpg -c [file_name]

gpg [file_name].gpg
The `gpg [file_name].gpg` command decrypts an encrypted `.gpg` file. It prompts the user to enter the passphrase used during encryption. This command is essential for accessing the contents of a file secured using GPG encryption.
gpg [file_name].gpg

Command Justifications for Ethical Hacking
1. `ls` - List directory contents
Use Case: Enumerating files and directories on a compromised system to understand its structure.
Practical Example: After gaining access to a remote shell, you can list sensitive files like credentials or configuration files.
2. `lscpu` - View CPU information
Use Case: Gathering information about the target system's architecture for crafting optimized payloads or exploits.
Practical Example: Identifying the CPU type to determine whether the system runs a vulnerable version of specific software.
3. `lsblk` - View block devices
Use Case: Identifying mounted drives and storage devices to locate critical data.
Practical Example: Knowing which drives contain sensitive data helps attackers focus their efforts during post-exploitation.
4. `lspci -tv` - Display PCI devices
Use Case: Determining hardware like network cards to exploit vulnerabilities specific to those devices.
Practical Example: Identifying a vulnerable network card for a direct hardware attack.
5. `lshw` - List hardware details
Use Case: Gathering comprehensive hardware information to understand the target environment better.
Practical Example: Identifying specific hardware setups that could have weak security configurations.
6. `cat /proc/cpuinfo` - View CPU details
Use Case: Similar to `lscpu`, for gathering CPU details to optimize attacks.
Practical Example: Using this data to determine how to escalate privileges based on system architecture.
7. `cat /proc/meminfo` - View memory details
Use Case: Checking available memory to execute large payloads or resource-intensive attacks.
Practical Example: Ensuring sufficient RAM is available for running large malware scripts.
8. `cat /proc/mounts` - View mounted filesystems
Use Case: Identifying critical file systems for data exfiltration or tampering.
Practical Example: Locating filesystems like `/boot` or `/home` for further exploitation.
9. `free -h` - Check memory usage
Use Case: Evaluating system load and memory availability before launching resource-intensive attacks.
Practical Example: Ensuring the system can handle a DoS attack without immediate crashes.
10. `sudo dmidecode` - Display BIOS information
Use Case: Accessing hardware and BIOS information to exploit firmware vulnerabilities.
Practical Example: Finding a specific manufacturer’s BIOS flaw to gain persistence.
11. `df -h` - Disk usage
Use Case: Checking disk space to determine storage availability for malicious uploads or tools.
Practical Example: Ensuring there’s enough disk space for data exfiltration.
12. `du -sh [directory]` - Disk usage of a directory
Use Case: Identifying large directories that might contain important or sensitive files.
Practical Example: Scanning the largest directories for further reconnaissance.
13. `ps` - Show running processes
Use Case: Enumerating processes to find weak or exploitable services.
Practical Example: Identifying processes like `mysql` or `httpd` for exploitation.
14. `ps aux` - Detailed process list
Use Case: Similar to `ps`, but with more detailed information on each process.
Practical Example: Finding processes running as root for privilege escalation opportunities.
15. `top` - System resource monitor
Use Case: Monitoring system load and identifying high-priority processes to target.
Practical Example: Spotting resource-heavy applications that might be easier to attack.
16. `htop` - Interactive process viewer
Use Case: Provides a user-friendly view of processes for analysis.
Practical Example: Identifying resource-intensive processes for exploitation.
17. `which [command]` - Locate command path
Use Case: Ensuring required tools are available on the system.
Practical Example: Checking for binaries like `netcat` or `nmap` for further attacks.
18. `whereis [command]` - Locate binaries
Use Case: Similar to `which`, used for locating specific binaries and their associated files.
19. `mkdir`, `rm`, `cp`, `mv` - File operations
Use Case: Basic operations to manage files or directories during an attack.
Practical Example: Creating directories to store exfiltrated data or moving files to hide activities.
20. `cat`, `sed` - View or modify file content
Use Case: Reading and altering files to tamper with logs or configurations.
Practical Example: Modifying configuration files to create backdoors.
21. `curl` - Download from the internet
Use Case: Fetching malicious scripts or tools from remote servers.
Practical Example: Downloading an exploit payload during a live attack.
22. `gpg` - Encrypt/decrypt files
Use Case: Encrypting sensitive stolen data for secure exfiltration.
Practical Example: Encrypting data before uploading to a remote server.
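
For defenders, the same commands are the signal: one account running several of the hardware, storage and process discovery commands above within seconds is worth an alert. The script below is an added example, not part of the original page; the one-event-per-line input format (`<epoch> <user> <command line>`), the function name `flag_discovery_bursts`, the thresholds and the sample events are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): flag accounts that run many
# distinct discovery commands from this page within a short time window.
# Assumed input, in time order, one exec event per line: <epoch> <user> <command line>

# Hardware, storage and process discovery commands from the page. ls, cp, mv
# and plain cat are left out on purpose: too common to be a useful signal.
DISCOVERY_CMDS='lscpu lsblk lspci lshw dmidecode free df du ps top htop which whereis'

# Usage: flag_discovery_bursts WINDOW_SECONDS MIN_DISTINCT < events
# Prints "<user> <epoch of triggering event> <distinct count>", once per user.
flag_discovery_bursts() {
  awk -v window="$1" -v min="$2" -v list="$DISCOVERY_CMDS" '
    BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) disc[a[i]] = 1 }
    {
      ts = $1; user = $2; cmd = $3
      if (cmd == "sudo" && NF >= 4) cmd = $4      # look through sudo
      sub(/^.*\//, "", cmd)                       # /usr/bin/lscpu -> lscpu
      if (cmd == "cat" && $NF ~ /^\/proc\/(cpuinfo|meminfo|mounts)$/)
        cmd = "cat " $NF                          # only these /proc reads count
      else if (!(cmd in disc))
        next
      k = ++count[user]; t[user, k] = ts; c[user, k] = cmd
      if (user in flagged) next
      split("", seen); distinct = 0               # clear the per-event set
      for (j = k; j >= 1 && ts - t[user, j] <= window; j--) {
        name = c[user, j]
        if (!(name in seen)) { seen[name] = 1; distinct++ }
      }
      if (distinct >= min) { flagged[user] = 1; print user, ts, distinct }
    }'
}

# Constructed sample events (not real logs).
SAMPLE_EVENTS='1700000000 alice ps aux
1700000900 alice df -h
1700003600 alice /usr/bin/free -h
1700010000 www-data lscpu
1700010004 www-data lsblk
1700010009 www-data cat /proc/mounts
1700010015 www-data ps aux
1700010021 www-data sudo dmidecode
1700010030 www-data which nc
1700020000 bob cat /etc/hostname
1700020005 bob ls -la'

# Example run: at least 5 distinct discovery commands inside 60 seconds.
printf '%s\n' "$SAMPLE_EVENTS" | flag_discovery_bursts 60 5
```

The window and threshold need tuning per environment: administrators and inventory agents legitimately run these commands, so service accounts such as a web server user are the higher-value place to alert.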
10. Commands of Linux Operating System
Sl. no. | Command | Description |
---|---|---|
1 | `ls` | List directory contents |
2 | `lscpu` | See CPU information. |
3 | `lsblk` | See information about block devices. |
4 | `lspci -tv` | Show PCI devices (graphics card, network card, etc.) in a tree-like diagram. |
5 | `lshw` | List hardware configuration information. |
6 | `cat /proc/cpuinfo` | Show detailed CPU information. |
7 | `cat /proc/meminfo` | View detailed system memory information. |
8 | `cat /proc/mounts` | See mounted file systems. |
9 | `free -h` | Display free and used memory. |
10 | `sudo dmidecode` | Show hardware information from the BIOS. |
11 | `df -h` | Display disk space usage. |
12 | `du -sh [directory_name]` | See the disk space used by a directory. |
13 | `ps` | Show running processes. |
14 | `ps aux` | Show all running processes. |
15 | `top` | Display all running processes. |
16 | `htop` | Monitor system resources. |
17 | `which [command]` | Search the command path in the `$PATH` environment variable. |
18 | `whereis [command]` | Use the whereis command to find the source, binary, and manual page for a command. |
19 | `mkdir [directory_name]` | Create a new directory. |
20 | `rm [file_name]` | Remove a file. |
21 | `cp [source_file] [destination_file]` | Copy the contents of one file to another file using the cp command. |
22 | `mv [source_file] [destination_file]` | Move or rename files or directories. |
23 | `touch [file_name]` | Create a new file using touch. |
24 | `cat [file_name]` | Show the contents of a file. |
25 | `cat [source_file] >> [destination_file]` | Append file contents to another file. |
26 | `sed 's/[old_string]/[new_string]/g' [file_name]` | Replace text in a file using the sed command. |
27 | `curl -o [filename] [url]` | Store the contents of url from internet to a file. |
28 | `head [file_name]` | Show the first ten lines of a file. |
29 | `tail [file_name]` | Show the last ten lines of a file with the tail command. |
30 | `gpg -c [file_name]` | Encrypt a file. |
31 | `gpg [file_name].gpg` | Decrypt an encrypted .gpg file. |