- -i: interface config info (use ifconfig -a on Linux for verbose interface info)
- -a: all ports (listening and non-listening)
- -l: all listening ports
- -t: listening TCP ports
- -p: display PID and program names
- -c: it's like watch
- -rn: list routes but don't resolve ip
- -n: numeric ports
- -tulpn: -u only udp, -t only tcp, use tu to filter out UNIX socket and others
  - the above command tulpn will give you open port and their listening program, very useful!
- ss -ltu: alternative to netstat -nat

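One defensive use of the -tulpn listing, as an added example that is not part of the original cheat sheet: the function below reads ss -tulpn output and reports TCP/UDP sockets bound to all interfaces that are not on an allow-list. The function names, the allow-list and the sample output are constructed for illustration; on a live host, pipe the real ss -tulpn output in instead of the sample.

```shell
#!/bin/sh
# Added example: flag TCP/UDP listeners bound to every interface that are
# not on an allow-list. All names and the sample data are constructed.

# Constructed sample of `ss -tulpn` output (Process column filled in, as when run as root).
sample_ss_output() {
cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=13))
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*         users:(("dhclient",pid=590,fd=9))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=801,fd=3))
tcp   LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*         users:(("postgres",pid=955,fd=5))
tcp   LISTEN 0      511    0.0.0.0:6379       0.0.0.0:*         users:(("redis-server",pid=1033,fd=6))
tcp   LISTEN 0      4096   [::]:8080          [::]:*            users:(("python3",pid=2210,fd=4))
EOF
}

# exposed_listeners "proto/port ..." : reads ss output on stdin and prints
# "proto port program pid" for each wildcard-bound socket not allow-listed.
exposed_listeners() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 != "tcp" && $1 != "udp" { next }    # header row, UNIX sockets, others
    {
        port = $5; sub(/.*:/, "", port)    # text after the last colon
        host = $5; sub(/:[^:]*$/, "", host)
        # Keep only sockets reachable on all interfaces; skip loopback/specific binds.
        if (host != "0.0.0.0" && host != "[::]" && host != "*") next
        key = $1 "/" port
        if (key in ok) next
        prog = "unknown"; pid = "-"        # Process column is empty without privileges
        if (match($0, /\(\("[^"]+"/)) prog = substr($0, RSTART + 3, RLENGTH - 4)
        if (match($0, /pid=[0-9]+/))  pid  = substr($0, RSTART + 4, RLENGTH - 4)
        print $1, port, prog, pid
    }'
}

# Allow SSH and the DHCP client; everything else bound to all interfaces is reported.
sample_ss_output | exposed_listeners "tcp/22 udp/68"
```
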
- NO ARGUMENT: list all open files belonging to all active processes
- FILE: list processes that opened a file
- -i [tcp][udp][:PORT][:PORT-PORT]: find the process that opened a local internet port
- -t: output the process id (PID) only
- -u USER: by user
- -c STRING: by command starting with string
- -p PID: by process
- -iTCP -sTCP:LISTEN: all listening TCP ports
- +D DIR: list processes that opened files under a directory
- +d DIR: same as +D except non-recursive
- -a: AND instead of OR
- | grep LISTEN: grep listening port

- -i eth0: specify interface, if unspecified, then use a default one. specify any for all interfaces
- -A: print packet in ASCII
- --------FILTERS--------
- host HOST: from or to a host
- src HOST: from a host
- dst HOST: to a host
- dst port PORT: to port
- net 192.168.1.0/24: specify a network
- -w dumpfile.pcap: write traffic to file
- and, or, not: logical operator

- -L: list all rules
- -S: list all rules (commands format)
- -n: IP address and ports will be printed in numeric format
- -v: verbose, shows interface name, packets counter, etc.
- -p: specify protocol
- -s: specify source ip address(es)
- -d: specify destination ip address(es)
- --sport: source port
- --dport: destination port
- ----------modify----------
- -A: append (lowest priority)
- -I: insert (top priority)
- -D RULENUM/RULESPEC: delete
- -C: check, useful before delete
- -F, --flush: flush
- -j: specify rule. e.g. "ACCEPT, DENY"
- -P: set default policy
- ------------save/restore------------
- iptables-save iptables-restore: save/restore
- install iptables-persistent: modify permanent

- NO ARGUMENT: ping scan and port scan (1~1000 TCP)
- -sn HOST: minus the port scan (ping scan only)
- -A HOST: plus OS detection, version detection, script scanning and traceroute
- -p PORT1,PORT2.../PORT1-PORT2 HOST: port scan specified ports
- -sSU HOST: TCP and UDP scan
- -sU HOST: UDP scan

- -n: numeric, no hostname lookup
- -T: send TCP SYN packet (default send UDP packet)
- -I: send ICMP ECHO packet
- -p: port (default 80 for tcp)

- domain: whois info for domain name, useful for finding out who registered the domain name
- ip: whois info for ip address, useful for finding out who owns the ip

- -m, --mirror: == -r -N -l inf --no-remove-listing
  - -r, --recursive: recursive crawling
  - -l, --level DEPTH: maximum crawl depth (default 5), inf for infinite
  - -N, --timestamping: turn on time stamp, no newer than
  - --no-remove-listing: some FTP setting, irrelevant
- -np, --no-parent: will not go to parent directory, important for mirroring
- -nd, --no-directories: will not create directory hierarchy, dump all files in current dir (caution!), unless -P specified
- -nH, --no-host-directories: will not create host-prefixed directories, dump all files in current dir (caution!), unless -P specified
- -P, --directory-prefix PREFIX: save to this directory
- -E, --adjust-extension: append .html extension to files that do not end with html but are of type html. Useful for dynamically generated pages.
- -k, --convert-links: convert links for offline views
- -p, --page-requisites: download all resources for offline view (css, img, etc.)
- -H, --span-hosts: also go to foreign hosts, including different sub-domain or different domain.
- -D, --domains DOMAIN_LIST: comma-separated list of domains, used with -H. E.g. example.com == *.example.com
- --exclude-domains DOMAIN_LIST: comma-separated list of domains that will not be crawled, used with -H
- -I, --include-directories DIR_LIST: follow these sub directories
- -X, --exclude-directories DIR_LIST: do not follow these sub directories
- -A, --accept EXT_LIST: accept these extensions, e.g. *.mp3
- -R, --reject EXT_LIST: reject these extensions, e.g. *.mp3
- --spider: dry run, will not download files, but will create directory (use -nd to turn off)
- --load-cookies COOKIE: use cookie
- -U, --user-agent AGENT: specify user agent
- -nv, --no-verbose: no verbose, wget is verbose by default
- -q, --quiet: no output
- wget -nv -nH -m -H -k -p -E -Delastic.co https://www.elastic.co/guide/en/elasticsearch/reference/current/: this is what I use to mirror a site

- nc HOST PORT
- -z: port scan only, with nc -z HOST PORT-PORT
- -v: verbose
- -l: listen
- -k: must use with -l, listen forever. Accept new socket, but block others except current socket.
- -u: use UDP instead of TCP

openssl (credit)
- req: certificate request
- -x509: generate self-signed cert instead of cert request
- -newkey rsa:N: generate an RSA private key of N bit
- -nodes: no passphrase protection for priv key
- -keyout PRIV-KEY: write priv key to file
- -out CERT: write certificate to file
- -days N: days until expiration (default: 30 days)
- -subj '/CN=DOMAIN': suppress interactive prompt for cert content (e.g. CN: country name)
- -subj "/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=www.example.com": full version of above
- -sha256: use SHA-2 encryption algorithm (default: SHA-1)
- openssl req -x509 -sha256 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 3650: one liner for generating self-signed certificate and private key

- Without Argument: interactively generate RSA key
- -f KEY: use file
- -E md5 -l -f KEY: check key fingerprint in MD5 Hex
- -E md5 -l -f FILE: check authorized_keys or known_hosts fingerprint in MD5 Hex
- -p -f KEY: change key password
- -s CA_PRIV_KEY -I CA_IDENTIFIER -h -n DOMAIN_NAME -V +TIME HOST_PUB_KEY: sign a HOST_PUB_KEY with CA_PRIV_KEY
- -y -f PRIV_KEY: Generate Pub Key from PRIV_KEY
- e.g. ssh-keygen -s server_ca -I host_auth_server -h -n auth.example.com -V +52w /etc/ssh/ssh_host_rsa_key.pub

- OPT SSH_COMMAND: e.g. sshpass -p password ssh -p 22 root@remote_box
- -p PASSWORD: specify password
- -f FILE: read password from FILE

- apt install postfix mailutils: install postfix and mailx
- echo CONTENT | mailx -s SUBJECT EMAIL: send email with subject

- -i: case-insensitive
- -I: case-sensitive
- -r: recursive grep directory
- -E: extended-regex (supporting ?, +, {}, (), |)
- -C|B|A 3: print 3 lines of [C]ontext around | [B]efore | [A]fter
- -c: count number of matches
- -v: inverse match
- -l: print file names with matches
- -n: print line number
- -w: whole words (separated not by letters, digits or underscore)

- diff <(CMD1) <(CMD2): get diff of the output from two commands
- diff - FILE: get diff between a file and stdin
- -y: side-by-side diff
- -W NUM: set width
- --suppress-common-lines: do not show common lines
- -w: ignore diffing white space

- -c: count number of occurrences
- -d: print repeated only
- -u: print non-repeated only
- -i: case insensitive

- -r: raw output. No double quoted, character escaped safe output
- --stream: streaming mode, easier for dealing with large files
- ------------QUERY-------------
- keys: returns all keys without values (use keys_unsorted for unsorted)
- A[INDEX]: query array A, leave out "INDEX" to iterate over all array (NOTE: iterator is different from array in that when you use aggregation functions on them, they will branch instead of acting as a whole)
- [Q1]: wrap Q1 result with an array
- [A[]]: this query will turn iterator into array, useful for applying aggregation functions
- flatten: nested array gets flattened
- Q1 | Q2: pipe, reset starting level to Q1
- F1, F2: comma, output both F1 and F2
- A.B: dot, descend level
- "\(Q1) XXX": string interpolation, replace parenthesis with queried value
- ----------AGGREGATION----------
- group_by(Q1): group by Q1, into array of arrays
- min max min_by(Q1) max_by(Q1): min/max (numeric)
- unique unique_by(Q1): unique
- split(STR) join(STR): split/join
- @csv @tsv @html @text @json @uri @base64: output format
- now | todate: return current time

Bash History Expansion link
- -m: create home (not on by default)
- -s SHELL: specify shell
- -U: create group with same name
- -u UID: specify UID
- -G GROUP1,GROUP2: add user to additional groups

- -l: change user name
- -aG: add user to a group
- -md: create a new home directory and move everything there

- -r: remove home directory as well

- passwd: change password for self
- passwd USER: change password of USER
- -d: remove password
- head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo '': generate a random password

- --time atime/mtime/ctime: atime: last read access; mtime (default): last write; ctime: last chown or chmod

- only owner and root can chmod
- ----------FOR DIRECTORY----------
- r: list inside
- w: rename, create, delete inside. Still need x
- x: pass through, cd, access inside.
- sticky: files/dir inside can only be deleted/renamed by owner and root

- aux: a: all processes; u: for human; -x: include process without control TTY
- lax: l: long format (faster than aux)
- f: proc hierarchy tree
- w: wide format
- -p PID -o lstart: shows when process was started

- pkill -u USER: kill process owned by user

- sudo OPTIONS command
- -u USER: run as user
- -H: set $HOME to user home directory

- su - USER: login shell for user
- su USER: become another user
- -p: preserve current environment

- strace CMD: run a new command to trace
- -p PID: attach to a running process
- -e trace=SYSCALL1,SYSCALL2...: filter by syscall, e.g. read, open, close, write. Also meta tags: file, network, signal. See man page for detail
- -c: display a summary at the end containing count, errors, duration, percentage instead of playing at real time
- -C: same as -c but also play at real time
- -o OUTFILE: output to file
- -T: append syscall time duration
- -t[tt]: prepend absolute timestamp
- -r: prepend relative timestamp
- -f: trace child process as well

fallocate -l SIZE FILE
- if=IN_FILE of=OUT_FILE
- bs=SIZE: size (default in bytes). E.g. 1024M
- if no bs specified, copy the size of ifile to ofile

- mv * .* SUBDIR: move everything to sub-directory
- mv * .[^.]* ..: move everything to parent-directory

- Physical Volume
- pvcreate DEV: mark physical volume
- pvdisplay: show physical volumes
- vgcreate GROUP_NAME DEV: create volume group
- vgdisplay: show groups
- lvcreate -L SIZE -n VOLUME_NAME GROUP: create logical volume
- lvdisplay: show volumes
- lsblk: list partition
- growpart /dev/xvdf 1: resize partition
- resize2fs /dev/xvdf1: resize filesystem

Printing (credit)
- lpc status all: list printers
- lpr -P PRINTER FILE: print file on PRINTER
- lpq -P PRINTER: see PRINTER queue
- lprm ID: remove job from queue
- lprm -: remove all jobs

tune2fs -l /dev/sda2 | grep created