KALI LINUX COMMANDS

After opening the command line in linux OS, we saw a default message.

username@hostname-present working directory(PWD)

Dollar symbol means user access, hash symbol means root access.

SHORTCUTS:
Alias - Sometimes typing commands can get really repetitive, or if you need to type a long
command many times, it’s best to have an alias you can use for that.
Usage: alias minoj=’sudo apt install’

Keep in mind that this command won't save your alias after reboot, so you'll need to add a
permanent alias in: ~/.bashrc

Auto-Complete

[TAB] - Initiates auto-complete.

Cursor Movement

[CTRL] + A - Move the cursor to the beginning of the current line.

[CTRL] + E - Move the cursor to the end of the current line.

[CTRL] + [←] / [→] - Jump at the beginning of the current/previous word.

[ALT] + B / F - Jump backward/forward one word.

Erase The Current Line

[CTRL] + U - Erase everything from the current position of the cursor to the beginning of the
line.

[Ctrl] + K - Erase everything from the current position of the cursor to the end of the line.

[Ctrl] + W - Erase the word preceding the cursor position.

Paste Erased Contents

[Ctrl] + Y - Pastes the erased text or word.

Ends Task

[CTRL] + C - Ends the current task/process

End-of-File (EOF)

[CTRL] + D - Close STDIN pipe that is also known as End-of-File (EOF) or

End-of-Transmission.

Clear Terminal

[CTRL] + L - Clears the terminal. An alternative to this shortcut is the clear command you
can type to clear our terminal.

Background a Process
[CTRL] + Z - Suspend the current process and run in the background.

Search Through Command History

[CTRL] + R - Search through command history for commands we typed previously that
match our search patterns.

[↑] / [↓] - Go to the previous/next command in the command history.

Switch Between Applications

[ALT] + [TAB] - Switch between opened applications.

Zoom

[CTRL] + [+] - Zoom in.

[CTRL] + [-] - Zoom out.

Shutdown - for shutting down the system

Usage: sudo shutdown now

Date - for showing date & time

Usage: date

GETTING HELP:
Man - manual of any tool, full documentation of tool
Usage: man curl

Help - it is also like a man command but it gives a list of arguments connected with the tool.
Usage: curl –h (or) curl -h (or) curl –help

Apropos - it gives short descriptions of keywords from the tool manual.

usage: apropos sudo

SYSTEM INFORMATION:
Whoami - it displays the username ( tells the username who is working )
usage: whoami
Hostname - it displays the hostname ( tells the hostname )
usage: hostname

Uname - prints basic info about the operating system and hardware
usage: uname

Pwd - present working directory, it tells the path you are in!
usage: pwd

Ifconfig - interface configuration, displays the status of the currently active network
interfaces and network related information
usage: ifconfig

Ip - Ip is to show or manipulate routing, network devices, interfaces and tunnels.

usage: ip

ps - it tells about the current processes running

usage: ps

Netstat - shows network status, Print network connections, routing tables, interface
statistics. netstat displays a list of open sockets.
usage: netstat

ss - another utility to investigate sockets.

Socket: a program running on different computers can use the same port number. Hence
port numbers cant be used to identify a computer uniquely. So, socket is a combination of ip
address and port number (127.0.0.1:80). Port uses a socket to identify the computer.
SOCKS5 is a secured proxy.
The main difference between proxies and VPNs is that VPNs encrypt your traffic and proxies
don't.

usage: ss

Who - Displays who is logged in. ( username with date and time )
usage: who

Ssh - secure shell, to configure and maintain a computer through remote access.
usage: ssh username@ipaddress and password
NETWORK CONFIGURATION:

ping - used to test connectivity between two devices. It sends packets to a remote host and
measures the time to return them.
Usage: ping <ip address>

traceroute - This will display the IP addresses of the devices that the packets pass through
to reach the website server. It sends packets to a remote host and displays the IP addresses
of the devices that the packets pass through.
Usage: traceroute <www.tryhackme.com>

NAVIGATION:
In windows, for navigating to any location, we use a mouse or touchpad. In linux, we can use
the command line.

Ls - it lists the files and folders in the current directory. Hidden file names start with . (.bash)
usage: ls

Cd - change directory/path.
usage: cd Desktop (or) cd /Desktop/downloads/path

Cd - - step back to the last directory you are in

usage: cd -

Clear, ctrl+l - clean the command line

usage: clear

Up arrow and down arrow - command history

Ctrl+r - search command history
WORKING WITH FILES AND DIRECTORIES:
For opening and editing any file in windows, we go to file explorer and then search the file,
then we do editing and so on. But on Linux, we use the command line.

Touch - create a new text file. Only for creating, not editing. For creating and editing, use the
NANO command.
usage: touch test.txt

Mkdir - create a new folder

usage: mkdir -p test/document/file/text (or) mkdir test

Tree - view all files and directories in tree format

usage: tree

Mv - move and rename files. The mv command is able to move multiple files, as long as the
final argument provided to the command is the destination.
usage: mv test.txt testing.txt ( for renaming file ) and mv test.txt Downloads/ ( for moving
test file to downloads folder )

Cp - copy files
usage: cp Storage/readme.txt Storage/local/

Dd - it is a utility for copying files or entire partitions at the bit level.

Usage - dd if=/dev/sda of=/dev/sdb

Rm - remove the files

usage: rm <filename> (for removing files ) rm -R <directory name> ( for removing directory )

EDITING FILES:
Touch command is used for just creating a file and mkdir is used to create a folder. For
editing, have a look.

Nano - for creating and editing a file with less features.

usage: nano test.txt ( one editor opened for editing this file ). Write and save, ctrl+x to exit,
then confirm to save and exit.

> - to add text to newly created files/replace the existed text in that file
usage: echo “i like food” > food.txt

>> - add additional text to files

usage: echo “i loved it” >> food.txt
Cat - to view the contents of the file
usage: cat test.txt

More - to view file contents more

Usage: more <file name>

Less - to view file contents less

Usage: less <file name>

Head - to view contents of the file in top

Usage: head <filename>

Tail - to view contents of the file in bottom

Usage - tail <filename>

Vim - visual, it is an advanced editor

usage: vi <filename>

FINDING FILES AND DIRECTORIES:

We didn't know where all the files were. So we use search in windows. But here in linux, we
use some commands to find any files.

Which - it searches for the file and give its path also.
Usage: which <filename,foldername>

Find - it is also used for searching, it results the all related files.
Usage: find <filename>

Locate - it offers us a quicker way to search through the system. It is an effective search.
Usage: locate <filename>

FILTER CONTENTS:
Grep - The grep command is a text filter that will search input and return lines which contain
a match to a given pattern.
Usage: grep <search term> <filename> eg., grep Monkey alpha.txt

REGULAR EXPRESSIONS:

PERMISSION MANAGEMENT:
R - read
W - write
X - execute

U - owner
G - group
O - others
A - all users

[+] or a [-] - to add remove the designated permissions

[=] - for exact permission

Chmod - change permissions like read, write, execute.

Usage: chmod u+x <filename> ( for giving executing permissions )

Chown - for changing the owner

Usage: sudo chown root <filename>

Permission codes:
777 - anyone can do anything (read, write, or execute)
755 - you can do anything; others can only read and execute ( drwx-r-xr-x )
711 - you can do anything; others can only execute
644 - you can read and write; others can only read
USER MANAGEMENT:
Sudo - execute as root, execute command as a different user.
Usage: sudo <command>

Exit - to change from root user to normal user

Usage: exit

Useradd - Creates a new user or updates default new user information.

Usage: useradd

Userdel - Deletes a user account and related files.

Usage: userdel

Usermod - Modifies a user account.

Usage: usermod

Addgroup - Adds a group to the system.

Usage: addgroup

Delgroup - Removes a group from the system.

Usage: delgroup

Passwd - Changes user password.

Usage: passwd

PACKAGE MANAGEMENT:
Package files are commonly installed by downloading them directly from repositories located
on Internet servers. The Debian repositories contain more than 65,000 different packages of
software. Before installing a package, it is good practice to refresh the list of available
packages using the apt-get update command.

A package is an archive file. Packages are archives that contain binaries of software,
configuration files, information about dependencies and keep track of updates and upgrades.
When installing a program from a standalone ".deb" file, we may run into dependency issues
and need to download and install one or multiple additional packages.

Apt - Advanced Package Manager, Apt provides a high-level command-line interface for the
package management system.
Usage: sudo apt install <package name>

Updating all packages of the system should be done in two steps. First, update the cache of
all packages available with apt-get update. Second, execute the apt-get upgrade
command and all packages and dependencies will be updated.

An administrator can execute the apt-get remove command to remove a package or the
apt-get purge command to purge a package completely from the system.

Gem - Gem is the front-end to RubyGems, the standard package manager for Ruby.
Usage:

Pip - Pip is a Python package installer recommended for installing Python packages that are
not available in the Debian archive. It can work with version control repositories (currently
only Git, Mercurial, and Bazaar repositories), logs output extensively, and prevents partial
installs by downloading all requirements before starting installation.
Usage: pip install

Git - we have git installed, we can use it to download useful tools from Github.
Usage: git clone <repository address>

EXECUTE MULTIPLE COMMANDS:

There are three possibilities to run several commands, one after the other. These are
separated by:

Semicolon (;)
Double ampersand characters (&&)
Pipes (|)

The difference between them lies in the previous processes' treatment and depends on
whether the previous process was completed successfully or with errors.
semicolon(;) - The semicolon (;) is a command separator and executes the commands by
ignoring previous commands' results and errors.
Usage: echo 1; ls; cat test.txt

AND characters (&&) - to run the commands one after the other. If there is an error in one
of the commands, the following ones will not be executed anymore, and the whole process
will be stopped.
Usage: touch test.txt && vim

Pipes (|) - depend not only on the correct and error-free operation of the previous processes
but also on the previous processes' results.
Usage: touch test.txt | vim

WEB SERVERS:
We need one local web server for receiving http responses and installing web pages locally
for running PHISHING pages.
A separate function is considered as a server. We regularly saw some of these:
APACHE2
PYTHON
SSH
VPN

Inorder to use these servers, we need to install them first.

Apache2 - sudo apt install apache2 -y

Python - sudo apt install python3 -y
Vpn - sudo apt install openvpn -y
Ssh - sudo apt install openssh-server -y

-y - means assume YES to all prompts

After installing these servers, we need to start them.

Systemctl start <server name> - for starting any server

Systemctl status <server name> - for checking status
Systemctl stop <server name> - for stopping the server.

Ssh - for operating systems remotely. We can connect to another system remotely.
Usage: ssh username@ip address
Apache2 - running web server locally
Usage: systemctl start apache2

cURL - for downloading and viewing pages and files from web server
Usage: curl http://localhost

Wget - it is also the same as cURL.

Usage: wget http://localhost

BACKUP AND RESTORE:

Rsync - Rsync is an open-source tool that allows us to quickly and securely back up files
and folders to a remote location. It is particularly useful for transferring large amounts of data
over the network
Usage: sudo apt install rsync -y ( for installing )
rsync -av /path/to/mydirectory user@backup_server:/path/to/backup/directory (for backing
up)

Deja Dup - same like Rsync

Duplicity - same like Rsync

CONTAINERS:
Containerization is a process of packaging and running applications in isolated
environments, such as a container, virtual machine, or serverless environment. Technologies
like Docker, Docker Compose, and Linux Containers make this process possible in Linux
systems.

For example, we might need to test a web application requiring a specific database or web
server version. Rather than setting up these components on our machine, which can be
time-consuming and error-prone, we can create a container that contains the exact
configuration we need.
Su - switch user(superuser)
Ssh - to connect two computers ( ssh username@ipaddress )
Ifconfig - to check network connections, ipaddress
Cd - change directory (change from one path to another)
Cd .. - to get back from directory
Cd - to go to home ( there is a space after cd )
Pwd - print working directory ( it tells your current path)
Ls - list out all file in current directory
Ls -al - to check hidden files (-al is a switch, check all switches at -help)

Touch - create new file

Mkdir - create new folder
> - add content to file ( echo hello > word.txt )
Cp - copy
Mv - move
Rm - remove

Help - to get help ( enter command name and then enter –help , eg: cp –help )
Man - to get manual of any command (man su)
Apropos - Each manual page has a short description available within it. This tool searches
the descriptions for instances of a given keyword.

Find - for searching anything with name

apt-get distupgrade - To upgrade to a newer version of Operating System.

Apt-get update - updates all old tools
Apt-get upgrade - it upgraded tools
Apt-get install - it installs tools
Git clone - for installing any tool from github
Chmod +x - for giving permission to installed tools from github/outside tools
./ - to run the .sh files
Ctrl+c - to quit running program in middle
Clear - to clear window

Python - to start python in kali

Ctrl+d - to exit from python
Pip install - to install python packages

Cat - to read content in text files, not able to edit

Nano - to read and edit contents in all types of files ( ctrl x Y to save edited file )

—---------------------------------------------------------------------------------------------------------------

whoami Displays current username.

id Returns users identity
hostname Sets or prints the name of the current host system.
uname Prints basic information about the operating system name and system hardware.
pwd Returns working directory name.
ifconfig The ifconfig utility is used to assign or to view an address to a network interface
and/or configure network interface parameters.
ip Ip is a utility to show or manipulate routing, network devices, interfaces and tunnels.
netstat Shows network status.
ss Another utility to investigate sockets.
ps Shows process status.
who Displays who is logged in.

—------------------------------------------------------------------------------------------------------------------------

man <tool> Opens man pages for the specified tool.

<tool> -h Prints the help page of the tool.
apropos <keyword> Searches through man pages' descriptions for instances of a given
keyword.
cat Concatenate and print files.
whoami Displays current username.
id Returns users identity.
hostname Sets or prints the name of the current host system.
uname Prints operating system name.
pwd Returns working directory name.
ifconfig The ifconfig utility is used to assign or view an address to a network interface and/or
configure network interface parameters.
ip Ip is a utility to show or manipulate routing, network devices, interfaces, and tunnels.
netstat Shows network status.
ss Another utility to investigate sockets.
ps Shows process status.
who Displays who is logged in.
env Prints environment or sets and executes a command.
lsblk Lists block devices.
lsusb Lists USB devices.
lsof Lists opened files.
lspci Lists PCI devices.
sudo Execute command as a different user.
su The su utility requests appropriate user credentials via PAM and switches to that user
ID (the default user is the superuser). A shell is then executed.
useradd Creates a new user or update default new user information.
userdel Deletes a user account and related files.
usermod Modifies a user account.
addgroup Adds a group to the system.
delgroup Removes a group from the system.
passwd Changes user password.
dpkg Install, remove and configure Debian-based packages.
apt High-level package management command-line utility.
aptitude Alternative to apt.
snap Install, remove and configure snap packages.
gem Standard package manager for Ruby.
pip Standard package manager for Python.
git Revision control system command-line utility.
systemctl Command-line based service and systemd control manager.
ps Prints a snapshot of the current processes.
journalctl Query the systemd journal.
kill Sends a signal to a process.
bg Puts a process into background.
jobs Lists all processes that are running in the background.
fg Puts a process into the foreground.
curl Command-line utility to transfer data from or to a server.
wget An alternative to curl that downloads files from FTP or HTTP(s) server.
python3 -m http.server Starts a Python3 web server on TCP port 8000.
ls Lists directory contents.
cd Changes the directory.
clear Clears the terminal.
touch Creates an empty file.
mkdir Creates a directory.
tree Lists the contents of a directory recursively.
mv Move or rename files or directories.
cp Copy files or directories.
nano Terminal based text editor.
which Returns the path to a file or link.
find Searches for files in a directory hierarchy.
updatedb Updates the locale database for existing contents on the system.
locate Uses the locale database to find contents on the system.
more Pager that is used to read STDOUT or files.
less An alternative to more with more features.
head Prints the first ten lines of STDOUT or a file.
tail Prints the last ten lines of STDOUT or a file.
sort Sorts the contents of STDOUT or a file.
grep Searches for specific results that contain given patterns.
cut Removes sections from each line of files.
tr Replaces certain characters.
columnCommand-line based utility that formats its input into multiple columns.
awk Pattern scanning and processing language.
sed A stream editor for filtering and transforming text.
wc Prints newline, word, and byte counts for a given input.
chmod Changes permission of a file or directory.
chown Changes the owner and group of a file or directory.