15 must-know Linux Commands for Ethical hackers

Linux is an Operating system like UNIX, in which the commands are run in the terminal provided by the Linux system. The terminal is just like the command prompt of Windows OS. However, the commands are case sensitive. Linux commands are used to navigate and operate the operating system. You would be fully able to control your Linux machine through a terminal using only commands.

These are not only essential for general operations but also specialized tasks. Hackers tend to use the command line for most of their work as it is highly versatile and customizable. Here, we provide a list of 15 top Linux commands for ethical hackers and general tech enthusiasts.

Linux Commands


Some of the most frequently used Linux commands are as follows:-

1. Ls

Ls is used to list the files of the current directory user is logged into or directories. The command also accepts certain other options( or flags) that changes how the files or directories are listed on the terminal.

Syntax : ls [OPTION]


Some of the options provided are :-

• ls – To list the contents of the current working   directory .
• ls[directory path here] – To list the contents of another directory .

• ls / – To list the contents of the root directory.

• ls~ – To list the contents of user’s home directory.

• ls* – To list the contents of directories with its
sub-directories .

These are just 5 among the many options provided by ls. Thus if you’re ever in need of one or forgot any, you can run ls — help/ man ls, which displays all the possible options for ls command.

2. Whoami

The command Whoami is a concatenation of strings who, am and i, which displays the username of the user who just invoked the command to the standard output.

Syntax: whoami [ OPTION ]


Whoami provides two options :
• Whoami — help
          Provides help message and exits.

• Whoami — version
          Provides the version information and exits.

Shells like ash and sh doesn’t show the user currently logged into the prompt.
Similarly the su command ( substitute user) changes the owner of the session without the first user having to log out earlier.
In situations like this it is useful to use Whoami.

Whoami gives the same result produced by id command when used with -u and -n options.

-u :- provides only the identification of the current owner of the session.

-n :- provides identification as the username instead of a number.

3. Pwd

Print working directory is one of the most basic and frequently used commands which is used to print the path of the working directory starting from the root.


The PWD command has two flags :-
pwd- L which is used to print the symbolic path.
pwd- P which is used to print the actual path.

If both of these options are used, L is given priority however if nothing is provided P is taken into account. This will cause the command to show the physical location rather than a symlink. Else the physical location is ignored.

PWD is a shell built in most modern cells such as Bash and zsh this means that the command is present in Shell rather than the external program that the code will run much faster than calling an external executable.

4. Cat

Cat stands for ‘ Concatenate ‘, which allows the user to :
      • create single or multiple files.
     • view contents of the file.
     • Concatenate files.
     • redirect output in the terminal files.


• $ cat filename :- To view a single file.
• $ cat file1 file 2 :- To view multiple files.
• $ cat > newfile  :- To create a file.
• $ cat – E “filename” :- To highlight the end of a line.

5. Cp

Cp is used to copy files or directories and requires at least two filenames in its arguments.

The modes of operation provided are :-

• Two filenames:- If a cp command contains two file names, it copies the contents of file 1 to file 2. If file 2 doesn’t exist, then a new file is created and the contents are copied to it.

Syntax:- cp src_file dest_file.

• Two directory names:- If the command contains two directory names, cp copies all the files of the source directory to the destination directory, creating any if needed.

It requires an additional option -R to indicate the recursive copying of directories.

Syntax:-  cp -R src_dirct dest_dirct.


Consider two files named a.txt and b.txt.

• i (interactive)

i stands for interactive copying, which comes with a prompt if or not to overwrite the contents of the destination file. If you press y ( which stands for yes) , the contents will be copied. Else it’ll remain uncopied.

$ cp – i a.txt b.txt
cp : overwrite ‘b.txt’ ? y
$ cat b.txt

• b (backup)

This command creates the backup of the destination file in the same folder with different name and in different format.

$ cp -b a.txt b.txt
$ ls
a.txt b.txt b.txt ~

• f (force)

Consider a situation when fhe destination file can’t be opened for writing operation as the user doesn’t have permission for it. Thus by using the f option, destination file is deleted first and the contents are copied from source file to the newly created destination file.

6. Mv

Mv means move, which is used to move one or more files or directories from one place to another in a file system like UNIX.

The two distinct functions of mv are :

• renames a file or folder
• moves group of files to different directory.

Syntax: mv [option] source destination

If the destination file doesn’t exist, it will be created. The source file is then simply replaced with the just created destination file. Else if the destination file exists, it is simply overwritten and the source file is deleted.


• –i ( interactive)
      Works just like the i in cp command.

• –f (force)
     If the destination file is write protected, then mv prompts for confirmation overwriting the destination file. Then f option overrides the minor protection and overwrites the destination file forcefully and deletes the source file.

• –version
    It displays the version of mv currently running on the system.

• –n ( no- clobber)
    With the n option, mv prevents the existing file from being overwritten.

7. Rm

Rm is used to remove objects such as files, directories, symbolic links and so on from the file system like UNIX. It also removes references to objects from the file system, where the objects have had multiple references.

Once contents are removed using rm command, they cannot be recovered.  Hence one need to be careful while using them. No outputs are generated in case of rm, only messages in case of an error.

Syntax: rm [OPTIONS] …. FILE…


• –i (interactive deletion)

The command asks for confirmation before removing each file. You need to press ‘y’ if you want to delete. Any other key if used, won’t do any action.

Syntax : $ rm –i filename.txt

• –f (force deletion)

The rm prompt asks for a confirmation removal if a file is write protected. The f option overrides this protection and forcefully removes the file.

• — version

It is used to display the version of rm which is currently running on the system.

8. Chmod

Chmod( Change mode) is used to change the access mode of a file.

Syntax: chmod [reference] [operator] [mode] file…

Reference is used to distinguish the users to whom permissions may apply.  There’s a list of letters specifying whom to give permission.

u -> owner
g -> group
o -> others.

Operator specifies how the modes of a file should be adjusted.

The ‘+’ Operator adds the specified mode to specified class.
The ‘-‘ Operator removes the specified mode from specified class.
In the ‘=’ Operator, mode specifications are to be made.

The mode specifies which permissions are to be granted or removed from specified classes.

r – permission to read a file
w – permission to write/delete a file
x – permission to execute a file or in case of a directory search it.

Commands to change directory permissions in Linux.

• chmod +rwx filename :- to add permissions
• chmod -rwx directory name :- to remove permissions
• chmod +x filename :- to allow executable permissions
• chmod -wx filename :- to take out write and executable permissions.

9. Chown

The chown command is used to change the user ownership of a file, directory or link in Linux.

Syntax :
chown [OPTION] … [ OWNER] [ : [GROUP]] FILE…
chown [OPTION] … reference = R FILE FILE…

The command used to change the owner of the file is as given :

chown owner_name file_name

Consider the file name to be file 1.txt and owner name to be master, then the command would be

chown master file 1.txt

If the ownership needs to be changed to root, use sudo before syntax.

sudo chown master file 1.txt


–c :- To report when a change is made.
        Syntax: chown –c master file1.txt
–v : To show the verbose information for every file processed.
      Syntax: chown -v master file1. txt

–f : To forcefully change the ownership when you aren’t permitted to change group permissions.

10. Vi

Visual Editor (Vi) is a default editor that comes with the UNIX operating system. Using vi editor , it is possible to edit an existing file, read a text file or create a new file from scratch.

Syntax : vi filename.

Three Modes Of Operation

• Command Mode

During starting, the vi editor is in command mode. This mode interprets any character typed as a command and doesn’t display them in the window.
It allows the user to move through a file and delete, copy or paste a piece of text.

• Insert Mode

invoked using ‘i’ and enables the user to insert text into a file. Everything typed is interpreted as input and at last is put into the file.

To get out of either command mode or insert mode, press the Esc key.

• Last Line Mode ( Escape Mode)

It is invoked by typing a colon (:) while being in command mode. This mode enables the user to perform tasks such as saving files and executing commands.

Commands and their descriptions

$ vi filename :- To open an existing file. If not, create one.

$ vi -R filename :- To open an existing file in read mode.

Simple Commands

k : to move the cursor up one line.
j : to move the cursor down one line.
h : to move the cursor to left one character position
l : to move the cursor to right one character position.

11. Ps

It is the abbreviation of Process State, which is a utility provided by Linux for viewing information related to processes on a system. It is used to list the currently running processes and their IDs along with some other information depending on other options.

Syntax: ps [ OPTION]


• Simple Process Selection: It shows the processes for the current shell. The result contains four columns as the follows:-
      • PID :- Unique Process ID.
      • TTY :- Terminal type the user is logged into.
      • TIME :- Amount of cpu in minutes and seconds that the process has been running.
      • CMD :- The name of command that launched the process.

• View Processes :- To view all the running processes, use either ps – A or ps – e.

• To view all the processes except both session leaders and processes not associated with a terminal, use  # ps – a.

12. History

The history command is used to show the last recently used 500 commands. These recently used commands can also be accessed by looking at  .bash_history in the home folder.

In this feature, every command executed is treated as an event and has an event number using which they can be recalled and changed.

Syntax: $ history


$ history 5 – To show the 5 last used commands.
$ !! – To view the most recent command.
history -d event -number – To remove history
$ history – c – To remove the whole history
$ history | less – To view the last 10 commands
$ history | tail – To view the last 25 commands

13. Free

The free command is used to get a detailed report about the system’s memory usage such as the total amount of physical and swap memory as well as free and used memory.

Syntax: $ free [ OPTION]

When no option is specified, the command will display information about memory and swap in kibibyte. To view this information in human readable format, use the command  $ free -h.


— b : to display the amount of memory in unit bytes.
— k : to display the amount of memory in kilo bytes.
–g : to display the amount of memory in giga bytes.
–m : to display the amount of memory in mega bytes.
–tera : to display the amount of memory in tera bytes.

14. Cfdisk

The cfdisk command is used to create, delete and modify partitions on a disk device. It can also be used to manipulate or display information about the disk partition table.

Syntax : $ cfdisk / dev

Options Provided

— help/ –h :- to display help text and exit.
–color / –L :- to colorize the output.
–version/ –v :- to display version information and exit.
–zero / –z :- This option doesn’t zero the partition table on the desk.  Rather it simply starts the program without reading the existing partition table.

Another simple commands provided by cfdisk are

d : to delete the current marked petition and give space for the new one.
h : to print the help screen
n : to create a new partition of the marked free space.

15. Chkconfig

Chkconfig is used to list the available services and view or update their run level settings.

Syntax: chkconfig [ OPTION]


• $ chkconfig — list :- To list the current status of all system services.

• $ chkconfig — list rhnsd :- To list the current status of a particular service.

• $ chkconfig rhnsd on :- To enable a service .

• $ chkconfig rhnsd off :- To disable a service.

• $ chkconfig del rhnsd :- To delete a service.

When chkconfig is run without any option, it displays usage information.


These are just 15 among the many commands provided by Linux. These commands helps in easy accessibility and providing results within a short period of time.

Spread the love

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *