My Commands

From Network Security Wiki
Jump to navigation Jump to search


Quick Traceroute

traceroute -n -w 1 -m 10

Save Packet Captures

tcpdump -s 0 -i eth0 host -v -w /tmp/packet_capture.cap

Netstat list Applications along with open port numbers

netstat -anp 8080
netstat -an | grep 8080

Netstat list Programs and open port

netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0   *               LISTEN      800/rpcbind
tcp        0      0  *               LISTEN      1522/nginx

Show active connections/Applications only

sudo netstat -tulpn
netstat -lnt

Ping a Range:

for i in {131..140}; do ping -c 1 -t 1 10.52.1.$i; done

List Files

Sort List by Time

ls -lhtra

Sort List by Size

ls -lhSra

Do not sort; list entries in directory order

ls -U


Execute cmd in other dir & return back to original dir

(cd /etc && ls -a)

Copy/Move all files from sub directories into current dir

cp ./*/* .
mv ./*/* .

Loop Commands

for i in `find . -type f`; do echo $i; cat $i; done | grep terminate
while true; do this; do that; sleep 2; done

Redirect Standard error to null:

find / -name 'geeqierc.xml' 2>/dev/null

Flush Logs without delete

for i in *; do >$i; done

Quickly backup a file:



Filter comments from a config file

grep -vE '^#|^;|^$' server.conf

Filter multiple strings

pstree | grep -e docker -e ssh


Extract "*.gz" file

gunzip FILE_NAME.gz

Extract "*.tar.gz" file

tar zxf FILE_NAME.tar.gz

Extract "*.tar.bz2" file

tar jxf FILE_NAME.tar.bz2

Extract multiple archives into sub directories:

for i in `find $(pwd) -type f -name '*.gz'`; do echo $i; j=$(echo $i | cut -d '.' -f1); echo $j; mkdir $j; tar xvzf $i -C $j; done

Extract files from similarly named directories:

for i in `find . -name 'tech_node*'`; do cd $i; sudo tar xvzf node.tar.gz; cd ..; done

Creating a Tar file from a directory:

tar -zcvf /tmp/log.tar.gz /opt/avi/log/*

Testing Archives without extracting:

tar tvf logs.tar.gz

Generate 100 HTTP requests

sudo apt-get install parallel
seq 100 | parallel --no-notice -j0 --joblog log curl -s{} ">" {}.txt cut -f 4 log
seq 100 | parallel --no-notice -j0 --joblog log curl{} ">" {}.txt

Finding Old Logs

  • Find and Delete more than 30 days old files:
find /tmp/report_ftw -type f -mtime +30
find /tmp/report_ftw -type f -mtime +30 -name "messages.*" -exec rm -f {} \;
  • List and Delete gz files older than 30 days:
find /var/log -type f -mtime +30 -name "*.gz" -exec ls {} \;
find /var/log -type f -mtime +30 -name "*.gz" -exec rm -f {} \;

Searching Multiple text files

for i in log*; do echo $i ; cat $i | egrep -vi "error|not|warning|false" ; done

Replace a keyword in all files at once

find ./ -name \*.tf -exec sed -i "s/cybernetnews/cybernet/g" {} \;
find ./ -type f -readable -writable -exec sed -i "s/cybernetnews/cybernet/g" {} \;


R1(config-router)#do sh run | section ospf
R1(config-router)#do sh run | s ospf
R1(config-router)#do sh run | include ospf
R1(config-router)#do sh run | i ospf

Top Command

top     E cycle through Memory units - KB,MB,GB
        1 CPU details for each core
        m Memory Graph
        c complete path
        k kill <pid>
        M Sort by memory usage
        P Sort by CPU usage
        R Results in ascending order
top -o %CPU
top -o %MEM
top -b -n 1 > top.txt

CPU Limit

sudo apt-get install cpulimit
ps | grep matho-prime               # Find PID of process
sudo cpulimit -b -l 50 -p 16299     # 16299 is PID & 50 is the CPU %

Text Editor

Nano Search

Cntrl + W


Cntl + b  => One page before
Cntl + f  => One page after
dd        => Cut Line
<n>dd     => Cut n Lines 
yy        => Copy Line
<n>yy     => Copy n Lines
p         => Paste

File Sharing

Check Samba Shares

sudo apt install smbclient
smbclient // -U aman

HTTP Proxy through SSL Tunnel

ssh -L aman@
Access        =
Jump Server   = aman@
Remote Server =


Test Site Reliability:

for i in {1..999}; do echo -n $i ' '; curl -s -w %{http_code} -o /dev/null -m 1; echo ""; sleep 1; done
for i in {01..999}; do echo -n $i HTTP Code:' '; /usr/bin/time -qf " Real:%e User:%U Sys:%S" curl -s -w %{http_code} -o /dev/null -m 1; sleep 1; done


curl -I                            ==> Response Headers only (HEAD)
curl -v                            ==> Request & Response Headers
curl -k                            ==> No Certificate validation.
curl -H "user-agent: Mozilla/5.0"  ==> custom header
curl -L                            ==> Handle URL redirects 	
curl -X <method>                   ==> Custom request method; otherwise defaults to GET; DELETE, POST, PUT, GET; use with -d data
curl -d  or curl -F                ==> POST
curl -T                            ==> PUT

See just Request & Response Headers:

curl -vs 2>&1 > /dev/null| sed '/^* /d; /bytes data]$/d; s/> //; s/< //'

Do not use Cache(Server or proxies in middle can ignore this):

curl -H 'Cache-Control: no-cache'

Output specific lines from multiline output:

curl -skL | awk '/Articles/ &&NR>=178 && NR<= 180'
curl -skL | awk 'NR>=178 && NR<= 180' | grep Articles


rsync -avz --progress /home/user/Downloads/ pi@