Skip to content


Application Shortcuts

  • System: /usr/share/applications/
  • System: /usr/local/share/applications/
  • Flatpak: /var/lib/flatpak/exports/share/applications/
  • Snap: /var/lib/snapd/desktop/applications/
  • Local: ~/.local/share/applications/


Type chmod xxx <filename> to change permissions where xxx is the numerical code from the table below.

Explaination of the Codes: .      ...                 ...                 ...
                           (type) (user persmissions) (group permissions) (world permissions)

The first item can be d (a directory), - (a regular file) or l (a symbolic link).
The following three triplets specify permissons for the user, group and world in that order.
In each tripplet, permissions can be r (read), w (write), x (execute) or - (not assigned).
Setting permissions can be done via numbers: r=4, w=2, x=1 and -=0.

Setting Code Use Case
---------- 000 Locking even yourself out. Use chmod again, if this happens.
-r-------- 400 An auto-generated password file (e.g. ~/.google_authenticator).
-rw------- 600 Owner can read and write, everyone else has no access. ~/.history, all the ssh keys in your ~/.ssh folder.
-rwx------ 700 Owner has full access, no one else has access. Your ~/.ssh folder.
-r--r--r-- 444 A textfile, that others should see as well, but nobody should modify it.
-r-xr-xr-x 555 A folder, that others should be able to cd into as well, but nobody should modify it.
-rw-r--r-- 644 Owner can read and write, everyone else can read.
-rw-rw-rw- 666 All users can read and write but not execute.
-rwxr-xr-x 755 Owner has full access, others can read and execute the file. Files and folders you want other people to see.
-rwxrwxrwx 777 No restriction, global WRX any user can do anything. Files and folders you want other people to see and modify. The most open permission.

Permissions on directory have the following meaning:
The read bit allows to list the files within the directory.
The write bit allows to create, rename, or delete files within the directory, and modify the directory's attributes.
The execute bit allows to enter the directory, and access files and directories inside.

To view permissions as numerical code: stat -c %a <filename>.

What does s mean? (click to expand) "s", like "x", means something different for directories and regular files.

For files, "x" means "executable" of course. For directories, it means "searchable." Without "x" permission on a directory, you can't set it to be your current directory, or get any of the file information like size, permissions, or inode number, so that you effectively can't access any of the files. If a directory has no "r" permission, you can't get a listing, but if you know a file is there, you can still access the file.

Now "s", for files, means "setuid exec." If a file has s permission, then it's executable, and furthermore, the user id and/or group id of the process is set to the user or group id of the owner of the file, depending on whether it's the user or group "s" that's set. This is a way to give limited root powers to a user -- a program that runs as root when an ordinary user executes it. For example, the "passwd" program, which can change otherwise write-protected files on behalf of a user, works this way: it's owned by the "bin" group (generally) and has g+s so that it can write to /etc/passwd and/or /etc/opasswd which are also owned by group "bin."

For directories, "s" means "sticky". If a directory has "s", then the owner and/or group of any files put into the directory are set to the owner/group of the directory. This is often used on CVS repositories, so that the files in the repository end up all owned by the same person and/or group, even though they're put in by different people. I use g+s on all the CVS repositories I set up.

File System

  • /bin Common programs, shared by the system, the system administrator and the users.
  • /boot Boot files, boot loader (grub), kernels, vmlinuz
  • /dev Contains references to system devices, files with special properties.
  • /etc Important system config files.
  • /home Home directories for system users.
  • /lib Library files, includes files for all kinds of programs needed by the system and the users.
  • /lost+found Files that were saved during failures are here.
  • /mnt Standard mount point for external file systems.
  • /media Mount point for external file systems (on some distros).
  • /net Standard mount point for entire remote file systems – nfs.
  • /opt Typically contains extra and third party software.
  • /proc A virtual file system containing information about system resources.
  • /root root users home dir.
  • /sbin Programs for use by the system and the system administrator.
  • /tmp Temporary space for use by the system, cleaned upon reboot.
  • /usr Programs, libraries, documentation etc. for all user-related programs.
  • /var Storage for all variable files and temporary files created by users, such as log files, mail queue, print spooler. Web servers, Databases etc.

Interesting files and directories

Places that are worth a look if you are attempting to privilege escalate / perform post exploitation.

  • /etc/passwd Contains local Linux users.
  • /etc/shadow Contains local account password hashes.
  • /etc/group Contains local account groups.
  • /etc/init.d/ Contains service init script – worth a look to see whats installed.
  • /etc/hostname System hostname.
  • /etc/network/interfaces Network interfaces.
  • /etc/resolv.conf System DNS servers.
  • /etc/profile System environment variables.
  • ~/.ssh/ SSH keys.
  • ~/.bash_history Users bash history log.
  • /var/log/ Linux system log files are typically stored here.
  • /var/adm/ UNIX system log files are typically stored here.
  • /var/log/httpd/access.log Apache access log file typical path.
  • /etc/fstab File system mounts.

Cron Jobs


Every Minute            * * * * *
Every Five Minutes      */5 * * * *
Every 10 Minutes        */10 * * * *
Every 15 Minutes        */15 * * * *
Every 30 Minutes        */30 * * * *
Every Hour              0 * * * *
Every Two Hours         0 */2 * * *
Every Six Hours         0 */6 * * *
Every 12 Hours          0 */12 * * *
During the Work Day     */5 9-17 * * *
Every day at Midnight   0 0 * * *
Every Two Weeks         0 0 * * Sun [ $(expr $(date +%W) % 2) -eq 1 ] && /path/to/command
First day, every Month  0 0 1 * *
January 1st at Midnight 0 0 1 1 *

Linux Tools

Pimp Linux


Virtualize, Emulate and Port


original alternative
ack ag
cat bat
cd zoxide
curl curlie
curl curlx
cut choose
diff git + diff-so-fancy, delta, diffoscope, icdiff
dig dog
du duf, dust, space-hogs
find fd
grep ripgrep, ugrep, sift, fselect
history mcfly
locate plocate
ls exa, lsd
man tldr, cheet
ping gping, prettyping
ps procs
sed sd
tar asar
top btop, gtop, htop, tiptop, bottom, glances, bpytop
tree broot
sort | uniq huniq
ping gping


  • view json with fx
  • jq is a JSON processor


  • bandwhich is a terminal bandwidth utilization tool
  • bmon is a bandwidth monitor and rate estimator.
  • bv is a terminal-based tool for monitoring the progress of data through a pipeline.
  • colorls beautifies the terminal's ls command, with color and font-awesome icons.
  • fuck correct previously failed command inputs.
  • fzf is a command-line fuzzy finder.
  • hexyl is a hex viewer.
  • httpie is a command-line HTTP client for the API era.
  • hyperfine is a command-line benchmarking tool.
  • loop is UNIX's missing loop command.
  • nnn is a commandline file manager.
  • pathpicker (fpp) accepts a wide range of input and presents you with a nice UI to select which files you're interested in.
  • starship creates a customizable prompt for any shell.
  • tokei counts your code quickly and presents stats.
  • viu allows you to view images in the terminal.
  • watchexec executes commands in response to file modifications.
  • xd is a tool for sending HTTP requests.



         _.-'   '-._
     _.-'           '-._
 _.-'                   '-._
|                        _,-|
|                    _,-'+++|
|                _,-'+++++++|
|             ,-'+++++++++++|
|             |++++ ++++++++|
|             |+++   +++++++|
|             |++  +++++++++|
|             |++++  +++**++|
|             |++   ++**++++|
'-,_          |+++ ++++++_,-'
    '-,_      |++++++_,-'
        '-,_  |++_,-'

Most commands listed here will work on any linux distributions but if in doubt it will most likely run on the latest Ubuntu.

Some great helpers:


Random basics

  • Show all files: ls -halt
  • Check installed packges: sudo tasksel
  • Update and upgrade: sudo apt update && apt -y full-upgrade && apt -y autoremove
  • Upgrading to a newer release: do-release-upgrade
  • Check who is online: w
  • Show all system users: cut -d: -f1 /etc/passwd
  • Save to file: ls -halt > result.txt
  • Append to file: echo "add this" >> existing-file.txt
  • Pipe output e.g. to trash (to not see it): grep "stuff" 2> /dev/null
  • Change owner of file or dir: chown user:group blah
  • Change owner of file or dir recersive for all folders below: chown -R user:group blah
  • Change file / dir permissions: chmod 600 file
  • List all open ports: netstat -atun

Chain commands:

  • Pipe the output of command1 to command2: <command1> | <command2>
  • Execute command2 after command1: <command1> ; <command2>
  • Execute command2 if command1 succeded: <command1> && <command2>
  • Redirect errors of command1 to file1: <command1> 2> <file1>
  • Redirect standard and error output of command1 to file1 <command1> &> <file1>


Command Description
Ctrl+A Jump to beginning.
Ctrl+E Jump to end.
Ctrl+W Delete one word left of the cursor.
Ctrl+U Delete entire line.
Ctrl+Y Paste back what you just deleted.

Script Snippets

              ___       ___        ___
             ####      ####       ####
            ####      ####       ####
      _____####______####___    ####
     #######################   ####
    #######################   ####
        ####      ####       ####
       ####      ####       ####
  ____####______####____   ####
 #######################  ####
#######################  ___
   ####      ####       ####
  ####      ####       ####
 ####      ####       ####


  • Base64: echo -n '12345678:abcdefg' | base64


  • Backup: tar -cf archive-1.tar "dir-with-content"
  • Compress: gzip -9 -f -k archive-1.tar
  • Extract: gzip -d -f -k archive-1.tar.gz

Replace string

find . -type f -exec sed -i 's/STRING GOES HERE/REPLACEMENT HERE/g' {} +
find . -type f -exec sed -i 's|Click \[here\](/here/)!|Click HERE!|g' {} +

Infinite loop one-liner

while true; do echo 'Inside the loop'; sleep 5; done

Repeat a key every second

while true; do xdotool key F5; sleep 1; done

Check if root

if [ "$EUID" -ne 0 ]; then
    echo "You need to run this script as root"
    exit 1

Check path

if [ "$PWD" != "$HOME" ]; then
    echo "You need to run this script from your home directory $HOME"
    exit 1

Check virtualization platform (openvz)

if [ "$(systemd-detect-virt)" == "openvz" ]; then
    echo "OpenVZ is not supported"

Check virtualization platform (lxc)

if [ "$(systemd-detect-virt)" == "lxc" ]; then
    echo "LXC is not supported."

Bash profiling

Execute these lines in a shell, or put them at the top of your bash script:

set -x

Now, every time you execute a command or script, you will see a timestamp, line number, and command/script executed.

export A=1
# + 1608294433.986333 (3) export A=1
# + 1608294433.986378 (3) A=1

export B=2
# + 1608294439.100780 (4) export B=2
# + 1608294439.100807 (4) B=2

[ "$A" == "$B" ] && echo 'Equal' || echo 'Not Equal' && false
# + 1608294491.748071 (5) '[' 1 == 2 ']'
# + 1608294491.748115 (5) echo 'Not Equal'
# Not Equal
# + 1608294491.748200 (5) false


Paste these function in the ~/.bashrc file.

Make a new folder and cd into it

  • Usage: mkcd name1
  • Code: mkcd(){ NAME=$1; mkdir -p "$NAME"; cd "$NAME"; }


  • Count files in directory: alias fcount='ls -1 | wc -l'
  • Disable "Save workspace" promt when closing R: alias R='R --no-save'
  • Tweak df: alias df='df -h'
  • Tweak du: alias du='du -h'
  • Weather: alias wetter='curl${1:-hannover}'
  • Using Exa instead of ls

    sh alias l='exa' alias la='exa -a' alias ll='exa -lah' alias ls='exa --color=auto'

  • Finding out which linux you are using: uname -m && cat /etc/*release

  • Bulk renaming of files: rename 's/ch0/ch/gi' *.tiff
  • Read markdown in terminal (Example: markdown

    sh markdown () { pandoc "$1" | lynx -stdin }

last 10 commands that ran in the current directory

Add this function to your .bashrc

``` sh title=".bashrc" function addhistory() { echo "{1%%'\n'}|${PWD} " >> ~/.history_ext }

Create file e.g. `folderhistory` with the content below and add it to your `$PATH`

``` sh title="folderhistory"
grep -v "folderhistory" ~/.history_ext | grep -a --color=never "${PWD}   " | cut -f1 -d"|" | tail


System Information

Get system details

  • Get all environment variables: printenv
  • Get all configuration variables: getconf -a
  • Show ports/connections open: lsof
  • Get ubuntu version: lsb_release -r
  • Free disk space: df -h

System Performance Check

  • uptime
  • dmesg | tail
  • vmstat 1
  • mpstat -P ALL 1
  • pidstat 1
  • iostat -xz 1
  • free -m
  • sar -n DEV 1
  • sar -n TCP,ETCP 1
  • top


Press Ctrl+R to search through your history using auto-complete. Press Ctrl+R again and it will cycle though the other auto-completion options. Press Enter and the command will execute. Press , to edit commands.

  • Location of history file: echo $HISTFILE
  • Clear the history of current shell: history -c
  • Overwrite the history file with the current shell's history: history -c | history -w | exit
  • Delete first 15 entries: for i in {1..15}; do history -d 1; done
  • Clear history completly: ln -sf /dev/null ~/.bash_history && history -c && exit
  • Disable history: sudo echo "unset HISTFILE" >> /etc/profile
  • Disable history for user "0xfab1": echo "unset HISTFILE" >> /home/0xfab1/.bash_profile
  • Change number of lines stored in an ongoing history list session: echo "HISTFILESIZE=10 >> ~/.bashrc
  • Change amount of lines used for the history stack when it’s written to the history file: echo "HISTSIZE=0 >> ~/.bashrc
  • Top commands used: history | awk 'BEGIN {FS="[ \t]+|\\|"} {print $3}' | sort | uniq -c | sort -nr
  • Commands only used once: history | awk 'BEGIN {FS="[ \t]+|\\|"} {print $3}' | sort | uniq -c | sort -n | grep ' 1 '


  • List open file descriptors (-i flag for network interfaces): lsof -i :8080
  • Stream current disk, network, CPU activity, etc: dstat -a
  • Trace system calls of a program: strace -f -e <syscall> <cmd>
  • Print currently active processes: ps1 aux | head -n20
  • Visualize process forks: ps1tree
  • Show size on disk for directories and their contents: du -ha
  • List currently open Internet/UNIX sockets and related informationnetstat | head -n20
  • Find hostname for a remote IP address: nslookup <IP address>
  • Current installed version: cat /etc/issue
  • Kernel information: uname -a
  • OS information: lsb_release -a
  • Device Information: lspci -v
  • Check the hostname of your machine: hostname
  • Shows last logged in users: last
  • Shows currently logged in user and groups for the user: id
  • List users on Linux: getent passwd
  • Show mounted drives: mount
  • Shows running kernel version: uname -ar
  • Show bash history, commands the user has entered previously: history

Disk Stuff

DD: low-level data dumping utility

  • burning an ISO image to USB stick is just one command away: sudo dd if=ubuntu-18.04.1-desktop-amd64.iso of=/dev/sdb bs=1M
  • hard wipe a disk: sudo dd if=/dev/zero of=/dev/sda

DU: Disk usage command is used for quickly estimating the drive space used in a folder or partition

  • Show files and sort by size: /data/java$ du -sh * | sort -h

DF: Used for estimating disk space but for the entire disk rather than a directory or folder.

  • show which partition is how much full: df -h


  • Execute a command and report statistics about how long it took: time <cmd>
  • Send a process in current tty into background and back to foreground: CTRL + z ; bg; jobs; fg
  • Change Default Shell For A User: chsh -s /usr/bin/zsh username
  • Make and Change To That New Directory: mkdir new_dir && cd $
  • Configure Your Server Timezone: dpkg-reconfigure tzdata
  • Kill Everything Running On A Certain Portsudo kill "sudo lsof -t -i:3000"
  • See if the http status of the request changes: watch -d curl -LIs localhost:3000
  • Update access and modify time: touch
  • Update access time: touch -a
  • Update modify time: touch -m
  • Show The Size Of Everything In A Directoryls | xargs du -sh
  • Saying Yes: yes | rm -r ~/some/dir
  • Show Disk Usage For The Current Directory: du -h | sort -nr


To make a default Vim installation more useful, type the following 5 lines into its .vimrc file:

set hls ic is nu noswf


Command Description
screen Create a new session.
Ctrl+A,D Detach from current screen session.
Ctrl+D End current session. Similart to exit.
screen -r Reattach to session.
screen -ls List all sessions.
screen -S <name> -L Create a new screen session <name> with logging enabled.
screen -r <name> Reattach to session with <name> if there are multiple ones.
screen -rx <name> Attach to session that is already attached.
Ctrl+A, Esc Enter scroll mode. Use ↑ and ↓ or Pg Up and Pg Dn to scroll. Hit Esc to exit scroll mode.


create a new tmux session


or create a new session with a name e.g. "SessionName"

tmux new-session -sSessionName

Use these commands to navigate between windows:

  • Control + B + N next session
  • Control + B + C new session

Join a tmux session (e.g. from a different device or user)

tmux attach

or be specific:

tmux attach-sesssion -t SessionName

Kill first window (0):

tmux kill-window -t 0

Kill a session:

tmux kill-session

Work with a file

  • Cat A File With Line Numbers: cat -n file
  • Line count in a file: wc -l <file>
  • Count unique words in a file: cat file.txt | xargs -n1 | sort | uniq -c
  • Display contents of a zipped text file: zcat <file.gz>
  • Copy a file from remote to local server, or vice versa: scp <user@remote_host> <local_path>
  • List Stats For A File: stat -x
  • Securely Remove Filessrm -vz or shred -uvz -n 5
  • Securely Remove Files after rm was used: sfill -lvz /home
  • Copying File Contents To System Paste Buffer: cat some-file.txt | pbcopy
  • Exclude A Directory With Find: find . -type f -not -path './.git/*' -ctime -10
  • File Type Info With File: file data.txt
  • Find Newer Files than this file: find blog -name '*.md' -newer blog/
  • Get The Unix Timestamp: date +%s
  • Hexdump A Compiled File: cat Hello.class | hexdump -C
  • Grep For Files Without A Match: grep -L "foobar" ./*
  • Grep For Files With Multiple Matches: grep -rl "match1" src/css | xargs grep -l "match2"
  • Add "new entry" in line 13 of file "file.txt": sed -n -i 'p;13a new entry' file.txt
  • Remove lines under n (e.g. 6) characters: sed -E '/^.{,6}$/d' /path/to/input/file > /path/to/output/file or gsed -E '/^.{,6}$/d' /path/to/input/file > /path/to/output/file
  • Sort Alphabetically and Remove Duplicates: sort -us -o /path/to/output/file /path/to/input/file or bash -c "LC_ALL='C' gsort -us -o /path/to/output/file /path/to/input/file"


  • Valid IPv4 Address: grep -E -o "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"
  • Valid IPv4 CIDR Range: grep -E -o "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))"
  • Valid IPv6 Address: grep -E -o "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*"
  • Valid IPv4 CIDR Range: grep -E -o "^s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*(\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))"
  • Valid Hostname: grep -E -o "^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9-]*[A-Za-z0-9])"
  • Regex Escape String: sed -E 's/([\.\\\+\*\?\[\^\]\$\(\)\{\}\=\!\<\>\|\:\-\#])/\\1/'
  • Regex Base64: sed -E '^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}\=|[A-Za-z0-9+/]{3}=)?$'
  • Credit Card Numbers: grep -E -o "(^4[0-9]{12}(?:[0-9]{3})?$)|(^(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}$)|(3[47][0-9]{13})|(^3(?:0[0-5]|[68][0-9])[0-9]{11}$)|(^6(?:011|5[0-9]{2})[0-9]{12}$)|(^(?:2131|1800|35\d{3})\d{11}$)
  • Email Addresses: grep -E -o "(([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)(\s*;\s*|\s*$))*
  • Grab Everything Before the First Comma grep -E -o "^.[^,]*(?=(\,))
  • Filenamesgrep -E -o "[^\\\/:*?"<>|\r\n]+$
  • Hash - MD5 grep -E -o "[a-fA-F0-9]{32}
  • Hash - SHA1 grep -E -o "[a-fA-F0-9]{40}
  • Hash - SHA256 grep -E -o "[a-fA-F0-9]{64}
  • Hash - SHA512 grep -E -o "[a-fA-F0-9]{128}
  • Hex grep -E -o "/^#?([a-f0-9]{6}|[a-f0-9]{3})$/
  • Phone Numbers grep -E -o "^(\+\d{1,2}\s)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}$
  • MAC Address grep -E -o "^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$
  • URLs grep -E -o "(https?:\/\/)?(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()!@:%_\+.~#?&\/\/=]*)
  • Valid URLs grep -E -o "\b((ht|f)tp(s)?:\/\/|www\.)+[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9]{2,}((\/)?([-a-zA-Z0-9@:%_\+.~#?&\/=]*)?)\b
  • US Social Security Numbers grep -E -o "^(?!0{3})(?!6{3})[0-8]\d{2}-(?!0{2})\d{2}-(?!0{4})\d{4}$

Network Stuff

  • Find Device in Monitoring Mode: iwconfig 2>/dev/null | grep "Mode\\:Monitor" | awk '{print $1}'
  • Find Access Point: iwconfig 2>&1 | sed -n -e 's/^.\*Access Point: //p'
  • Linux IPv6 search devices in local network: ping6 -c 2 -I en0 -w ff02::1
  • Show Linux network ports with process ID’s (PIDs): netstat -tulpn
  • Watch TCP, UDP open ports in real time with socket summary: watch ss -stplu
  • Show established connections: lsof -i
  • Change MAC address: macchanger -m MACADDR INTR
  • Change MAC address using ifconfig: ifconfig eth0 hw ether MACADDR
  • Get hostname for IP addressnbtstat -A x.x.x.x
  • Block access to e.g. "" from the host machinetcpkill -9 host
  • Enable IP forwarding: echo "1" > /proc/sys/net/ipv4/ip_forward
  • Change DNS to echo "" > /etc/resolv.conf
  • Nmap scan every interface that is assigned an IP: ifconfig -a | grep -Po '\b(?!255)(?:\d{1,3}\.){3}(?!255)\d{1,3}\b' | xargs nmap -A -p0-
  • Extract your external IP address using dig: dig +short


Simple DNS performance check:

TIMEFORMAT=%R && (time dig @ 2>&1 > /dev/null

Simple DNS performance check with loop through DNS list "dns.txt"

for dns in `cat dns.txt`; do echo -n $dns: && TIMEFORMAT=%R && (time dig @$dns 2>&1 > /dev/null; done

dns.txt could look like this:

``` txt title="dns.txt"

Loop through DNS list and check website 10x

``` sh
TIMEFORMAT=%R && for dns in `cat dns.txt`; do (for i in {1..10}; do (echo -n $dns: && (time dig @$dns 2>&1 > /dev/null); done); done

Fun Stuff

Entertaining nonsense:

  • Loop Train: for i in {1..10}; do sl; done

Alternatives for tree command:

-ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//──/g' -e 's/─/├/' -e '$s/├/└/' -find . -not -path '*/\.*' | python -c "import sys as s;s.a=[];[setattr(s,'a',list(filter(lambda p: c.startswith(p+'/'),s.a)))or (s.stdout.write(' '*len(s.a)+c[len(s.a[-1])+1 if s.a else 0:])or True) and s.a.append(c[:-1]) for c in s.stdin]"

If you don't have tree maybe create an as such: alias tree='command from above here'

Display all terminal colors

for x in {0..8}; do 
    for i in {30..37}; do 
        for a in {40..47}; do 
            echo -ne "\e[$x;$i;$a""m\\\e[$x;$i;$a""m\e[0;37;40m "
echo ""

Langton's ant simulation

echo -ne "\033#8";X=`tput cols`;Y=`tput lines`;((a=$X/2));((b=$Y/2));d=1;while case $d in 0)((a=a<2?X:a-1));;1)((b=b<2?Y:b-1));;2)((a=a==X?1:a+1));;3)((b=b==Y?1:b+1));; esac;do ((c=b+a*X));v=${k[c]:- };[ $v. = @. ]&&{((d=d>2?0:d+1));k[c]="";}||{(( d=d<1?3:d-1));k[c]=@;};echo -ne "\033[$b;${a}H$v";done

Other Stuff

  • Reboot: init 6
  • Compile C code: gcc -o output.c input.c
  • Compile 32 bit binary on 64 bit Linux: gcc -m32 -o output.c input.c
  • Disable bash history logging: unset HISTORYFILE
  • Connect to RDP server from Linux.rdesktop X.X.X.X
  • Kill current session: kill -9 $$
  • Clear bash history: cat /dev/null > ~/.bash_history
  • one-time table: for i in {1..12}; do for j in $(seq 1 $i); do echo -ne $i×$j=$((i*j))\\t;done; echo;done