Linux Commands for Security Analysis
Essential Linux commands for cybersecurity professionals, system administrators, and penetration testers.
File System Commands

| Command | Description | Example |
|---------|-------------|---------|
| `ls` | List directory contents | `ls -la /etc` |
| `find` | Search for files | `find / -name "*.conf"` |
| `grep` | Search text using patterns | `grep "error" /var/log/syslog` |
| `chmod` | Change file permissions | `chmod 600 secret.txt` |
| `stat` | Display file status | `stat suspicious.file` |

Network Commands

| Command | Description | Example |
|---------|-------------|---------|
| `netstat` | Network statistics | `netstat -tulnp` |
| `ss` | Socket statistics | `ss -tulnp` |
| `tcpdump` | Packet analyzer | `tcpdump -i eth0 port 80` |
| `nmap` | Network scanner | `nmap -sV 192.168.1.1` |
| `curl` | Transfer data from URLs | `curl -I http://example.com` |

System Information Commands

| Command | Description | Example |
|---------|-------------|---------|
| `ps` | Process status | `ps aux \| grep ssh` |
| `top` | Display processes | `top` |
| `uname` | System information | `uname -a` |
| `df` | Disk space usage | `df -h` |
| `free` | Memory usage | `free -m` |

Security-Related Commands

| Command | Description | Example |
|---------|-------------|---------|
| `sudo` | Execute as superuser | `sudo apt update` |
| `su` | Switch user | `su - username` |
| `passwd` | Change password | `passwd username` |
| `openssl` | Cryptography toolkit | `openssl enc -aes-256-cbc -in file.txt -out file.enc` |
| `last` | Show last logged in users | `last` |