GARY IS COMING FOR YOU

You shouldn't have done that.

Linux Tools

Quick reference guides for most GNU/Linux distros.

Core System

cat

Display file contents to stdout. One of the most fundamental Unix commands for reading files, combining files, and creating files.

chroot

Change root directories like a pro. Essential for system recovery and maintenance.

dfc

Display filesystem disk space usage with color output. Enhanced version of df with better formatting and visual indicators.

fdisk

Disk partitioning that doesn't need to be scary. Just be careful.

find

Search for files and directories in a directory hierarchy. Powerful tool for locating files by name, type, size, modification time, and more.

htop

Interactive process viewer and system monitor. Enhanced version of top with better visualization, mouse support, and easier navigation.

lsblk

Display information about block devices in a tree format. Shows disks, partitions, and their mount points in an easy-to-read hierarchy.

mount

Attach a filesystem to the directory tree. Essential for accessing disks, partitions, network shares, and other storage devices.

perf

Performance analysis tool for Linux. Provides profiling, tracing, and performance monitoring capabilities using hardware performance counters and kernel tracing.

ripgrep

Fast text search tool that recursively searches directories for a regex pattern. Faster than grep, respects .gitignore by default, and has excellent Unicode support.

strace

Trace system calls and signals. Monitors interactions between a process and the Linux kernel, essential for debugging, performance analysis, and security auditing.

Environment

clagrange

Browsing Gemini space from the comfort of my terminal. Retro-futuristic vibes.

dwm

Minimal, fast, and you have to compile it yourself. Peak Linux experience.

foot

My terminal of choice. Fast, minimal, and doesn't get in my way.

fzf

Fuzzy finding everything. Because scrolling through lists is overrated.

hyprland

Wayland compositor that actually works and looks good doing it.

irssi

IRC in the terminal. For when you want to chat like it's 1999.

linux terminal commands

The basics that make everything else possible. You know, the important stuff.

mpv

Plays everything, respects your privacy. What's not to love?

neomutt

Email in the terminal. Because GUIs are overrated and this one actually works.

neovim

The editor that makes you feel like a wizard once you figure it out.

newsboat

RSS feeds without the bloat. Just the articles, please.

qtile

Tiling windows with Python config. Because why not make it programmable?

tmux

Because one terminal window is never enough. Sessions that survive disconnects.

waybar

Highly customizable status bar for Wayland compositors. Displays system information, application status, and custom modules with JSON configuration and CSS styling.

yazi

File management that doesn't make me want to throw my computer out the window.

magic-wormhole

Securely transfer files and text between computers using human-readable codes. Simple, encrypted, and cross-platform.

ssh

Secure shell for remote login and command execution. Encrypted replacement for telnet and rsh.

Discover

amass

Subdomain enumeration on steroids. Find what they didn't want you to find.

cloud_enum

Multi-cloud OSINT tool. Find exposed buckets and cloud resources.

gau

Get All URLs from multiple sources. Wayback, OTX, Common Crawl, and more.

katana

Fast web crawler for security testing. Discovers endpoints, parameters, and hidden paths through intelligent crawling.

subfinder

Passive subdomain discovery tool. Fast and stealthy enumeration.

sublist3r

Subdomain enumeration using search engines. Classic recon tool.

waybackurls

Fetch URLs from Wayback Machine. Discover historical endpoints.

Enumerate

aquatone

Visual recon for web-based attack surfaces. Screenshots at scale.

dnsrecon

Comprehensive DNS enumeration. Zone transfers, brute force, and more.

ffuf

Fast web fuzzer written in Go. Brute force directories, parameters, and more.

gobuster

Directory and DNS busting tool. Find hidden paths and subdomains.

host

Simple DNS lookup utility. Quick and to the point.

httpx

Fast HTTP toolkit. Probe live hosts, detect tech, and extract info.

masscan

Ultra-fast port scanner. Scan the entire internet in minutes.

nmap

Network mapper and port scanner. The gold standard for network discovery and security auditing.

wafw00f

Web Application Firewall detection. Know what's protecting the target.

whatweb

Web technology fingerprinting. Know thy target's stack.

Analyze

curl

Transfer data from anything to anywhere. The Swiss army knife of HTTP.

gowitness

Web screenshot tool with SQLite backend. Visual recon made easy.

hcxpcapngtool

Convert and analyze WiFi captures. Extract handshakes, PMKIDs, and convert formats for hashcat.

jq

Lightweight JSON processor. Parse, filter, transform, and manipulate JSON data with ease.

miller

Like awk, sed, cut, join, and sort for CSV, TSV, and tabular JSON. Stream processing for structured data.

nikto

Web server scanner that finds the vulnerabilities others miss.

nuclei

Template-based vulnerability scanner. Fast, customizable, and deadly accurate.

regex

Pattern matching that makes sense once you understand it. Examples included.

sed

Stream editor for filtering and transforming text. Edit files non-interactively and manipulate text streams.

wget

Download files like it's 1996. Reliable, recursive, and scriptable.

Offensive

bettercap

Network attack and monitoring framework. ARP spoofing, DNS spoofing, credential harvesting, and more.

crackmapexec

Post-exploitation tool for Active Directory environments. Enumerates, exploits, and pivots through Windows networks.

hashcat

Advanced password recovery tool. GPU-accelerated cracking for various hash types and formats.

hcxdumptool

WiFi handshake capture tool. Capture WPA/WPA2 handshakes and PMKID hashes from wireless networks.

hydra

Brute force authentication tool. Fast parallel attacks on SSH, HTTP, FTP, and many other protocols.

impacket

Collection of Python classes for network protocols. Tools for SMB, MSRPC, LDAP, Kerberos, and Active Directory exploitation.

msfconsole

Metasploit Framework console. The pentester's best friend.

responder

LLMNR, NBT-NS, and MDNS poisoner. Answers name resolution requests to capture authentication hashes.

sqlmap

SQL injection testing and exploitation. Automatic detection and exploitation of SQL injection vulnerabilities.

Detect

arpwatch

Monitor ARP traffic and log changes to Ethernet/IP pairings. Detects ARP spoofing and network anomalies.

auditd

Linux Auditing System. Monitor system calls and file access for security compliance and forensics.

crowdsec

Collaborative intrusion prevention system. Analyzes behaviors, responds to attacks, and shares threat intelligence.

iftop

See what's eating your bandwidth in real-time. Spoiler: it's probably updates.

snort

Intrusion detection that's been around forever and still gets the job done.

suricata

High-performance network IDS, IPS, and security monitoring engine. Multi-threaded and protocol-aware.

termshark

Wireshark in the terminal. For when you need to debug network things.

wazuh

Security monitoring platform with MITRE ATT&CK integration. Intrusion detection, vulnerability scanning, and compliance.

zeek

Network security monitoring that's actually useful. Logs everything, finds the weird stuff.

Respond

fail2ban

Ban IP addresses that show malicious signs. Automatic intrusion prevention at the firewall level.

iptables

The classic Linux firewall. Tables, chains, and rules to control your traffic.

kill

Send signals to processes. Terminate, pause, resume, or control processes by PID.

lsof

List open files. Shows information about files opened by processes, including network connections.

nftables

The modern replacement for iptables. Cleaner syntax, better performance.

ps

Display information about running processes. Shows process IDs, resource usage, and command lines.

ss

Socket statistics. Modern replacement for netstat. Displays network socket information including TCP, UDP, and Unix sockets.

Trust

age

Simple, modern file encryption tool. Designed to be secure, easy to use, and script-friendly.

gpg

GNU Privacy Guard for encryption, signing, and key management. Foundation for OpenPGP workflows.

gpg-agent

Background agent that caches GPG passphrases and handles private key operations securely.

md5sum

Compute and verify MD5 checksums. Useful for legacy integrity checks, but not for security.

openssl

Swiss army knife for TLS, certificates, and crypto primitives. Generates keys, CSRs, and tests SSL/TLS.

pass

Unix password manager using GPG and git. Stores passwords as encrypted text files in a simple tree.

sha1sum

Compute and verify SHA-1 checksums. Mostly for legacy compatibility, avoid for new security uses.

sha256sum

Compute and verify SHA-256 checksums. Commonly used for verifying downloads and file integrity.

sha512sum

Compute and verify SHA-512 checksums. Stronger variant of the SHA-2 family for integrity checking.

ssh-keygen

Generate and manage SSH key pairs. Creates keys for secure remote access and authentication.