Top Linux Commands Every New User Should Learn

Cyb3rSec

Hello everybody, how's it going? I hope you're all feeling fantastic both mentally and physically! It's been a while since I last wrote something, but guess what? I'm working on a basic malware analysis draft, and it's almost halfway done! I thought it'd be awesome to share something basic with you all.

So, what are you waiting for? Fire up your Linux terminal or download Termux (my go-to when I didn't have a PC)!

Here are the top 100 useful Linux commands I discovered when I first dove into the exciting world of cybersecurity.

1. ls → listing

The ls command lets you see the files and directories inside a specific directory (the current working directory by default).

1.1 ls -l → long listing format, which displays more information about files and directories

1.2 ls -la → also displays hidden files (those whose names start with a period/full stop (.))

see we can see my secret password file (really I store all my passwords here I promise this is truth)

2. cd → change directory

As its name says, this is used to change or move from one directory to another.

We are now inside new-dir.

2.1 cd .. → We can move back from the current directory with this command, like this:

We can keep moving back until we reach the root (/) of the file structure.

3. cat → meow :) (the full form is concatenate). With the help of the cat command we can read and create files from our terminal easily.

3.1 cat > filename: we can create a file with cat by redirecting its output directly to a file. That means the content of the file will not be stored in terminal history.

Then press CTRL+D after u finish writing.

3.2 cat >> filename: we can append more data to an existing file (if we use a single (>) symbol, this will erase all data from the file u are editing).

There are a lot of tricks we can do with the cat command, so my advice is to explore as much as u can.

4. tac → the tac command is used to print data from a file in reverse (it doesn't reverse the content, it just reads from the last line), like this:

5. nl → number lines: the nl command prints the file content with line numbers.

6. head → the head command prints the first 10 lines from a file.

Spaces are also counted as a line.

6.1 head -n (any number): with the help of the (-n) option we can display as many lines as we want.

7. tail: this works like the head command but in reverse (yes, it prints the 10 lines at the end of the file).

7.1 tail -n: with (-n) we can print as many lines as we want, just like head.

8. pwd: stands for present working directory.

The pwd command displays the directory u are in right now.

9. touch: this is used to create empty files.

We can create multiple files as well, like this:

10. cal: this command displays a calendar in the terminal.

first: sudo apt install ncal

type: cal 03 2025 (displays the calendar for March 2025)

11. bc: with the help of bc we can perform any mathematical calculations from our Linux terminal.

type: sudo apt install bc

12. df → (disk free) This command in Linux/Unix is used to display disk usage or disk information.

12.1 df -a: displays all file systems, including duplicate or inaccessible ones.

12.2 df -h: with (-h) it prints all information in a human-readable format.

13. help: this is the most useful command in Linux, which prints help about every command and their built-in functions and commands as well. Like this:

14. factor

factor is used to print the prime factors of each integer.

15. uname -a: prints kernel information

16. mkdir: make directory; it is used to create new directories

17. gzip: it is used to compress and decompress data.

To compress a file:

To decompress a file:

18. whatis: it is used to print one-line manual information about a command:

19. who: this prints a list of all the logged-in users.

-a => prints all users

-H => prints info in human-readable format.

20. free: the free command prints information about RAM/swap memory.

-h: human-readable format.

21. top: displays process, resource, and memory usage information in real time. It's a preinstalled utility in Linux. Press Q to quit the session.

22. htop: it's an interactive process viewer; think of it like top on steroids. It's also very colorful.

23. sl: displays a train animation:

But first: sudo apt install sl

24. echo: the echo command prints whatever string/text we give it as an argument.

24.1 echo "data" > file.txt

We can use echo to redirect or append output directly into a file as well, just like the cat command.

25. finger: this displays information about system users.

26. groups:

In Linux, multiple users can operate the system, and groups serve as collections of these users. Groups facilitate the management of users with similar security and access privileges. A user may belong to various groups.

The groups command displays the names of the primary and any supplementary groups for each specified username, or the current process if no names are provided.

27. man: short for manual, it is used to display the manual for any command.

Press Q to exit.

Type: man command-name

28. passwd: The passwd command is used to change the passwords of user accounts. A regular user can change the password of their account, but a SuperUser (root) can change the password of any user account, including their own.

type: passwd

To change a user's password, you need to know the current password first.

29. w: it displays information about the users that are currently active on the machine, and their processes as well.

30. whoami: displays the name of the user you are currently logged in as.

31. history: this command is used to display a list of 1000 commands we have executed in the past.

32. login: The login command initiates a user session.

33. lscpu: displays CPU and virtualization information such as architecture, processor, cores, etc.

34. cp: it is used to copy files from one place to another. It does not move the original file but instead creates a duplicate of it.

syntax: cp file-u-want-to-copy(data) where-u-want-to-copy(destination)

35. mv: The move command is used to move data from one place to another. It does not create a duplicate but instead moves the original file.

→ In Linux, there is no specific command to rename files or directories. Instead, we use a trick with the mv command to do this:

usage: mv file-u-want-to-move(data) where-u-want-to-move(destination)

Renaming a file/directory:

36. ps: the ps command is used to display the running processes for the current session.

ps aux: displays all processes running system-wide.

a: including other users

u: user-oriented format

x: processes without controlling ttys

type: ps aux

Unlike top/htop, it does not display processes in real time.

37. kill: The kill command is used to stop running processes (without any blood, of course). It is a built-in command that allows you to manually terminate processes.

To stop a process, you need to send a signal to it. If you don't specify a signal, the default TERM (termination) signal will be used. To kill a process, you need its PID (process ID), which you can find using tools like top, htop, or ps aux.

For example, if I want to kill a process named "ruby" in our Metasploit console with a process ID of 338430:

type: kill -9 338430

-9: This signal is used to send an absolute kill signal.

main signals list :

| Number | Name (short name) | Description | Used for |
|---|---|---|---|
| 0 | SIGNULL (NULL) | Null | Check access to pid |
| 1 | SIGHUP (HUP) | Hangup | Terminate; can be trapped |
| 2 | SIGINT (INT) | Interrupt | Terminate; can be trapped |
| 3 | SIGQUIT (QUIT) | Quit | Terminate with core dump; can be trapped |
| 9 | SIGKILL (KILL) | Kill | Forced termination; cannot be trapped |
| 15 | SIGTERM (TERM) | Terminate | Terminate; can be trapped |
| 24 | SIGSTOP (STOP) | Stop | Pause the process; cannot be trapped. This is the default if the signal not provided to kill command. |
| 25 | SIGTSTP (STP) | Terminal | Stop/pause the process; can be trapped |
| 26 | SIGCONT (CONT) | Continue | Run a stopped process |
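
The "can be trapped" / "cannot be trapped" distinction from the signals list, as an added example that is not part of the original article. The worker process and the run_case helper are constructed for this demo; it sends TERM and then KILL to a worker that installs its own TERM handler and compares the exit statuses.

```bash
#!/bin/sh
# Added example (not from the original article): TERM can be trapped, KILL cannot.
LAST_STATUS=0

# run_case SIGNAL: start a constructed worker that traps TERM, send it SIGNAL,
# and store the worker's exit status in LAST_STATUS.
run_case() {
    # The worker installs a TERM handler that exits cleanly with status 0.
    sh -c 'trap "exit 0" TERM; while :; do sleep 0.1; done' &
    pid=$!
    sleep 0.5                     # give the worker time to install its trap

    kill -0 "$pid" || return 1    # signal 0 sends nothing: it only checks we may signal this PID
    kill -s "$1" "$pid"

    # wait returns the worker's own exit code, or 128+N if signal N killed it.
    LAST_STATUS=0
    wait "$pid" || LAST_STATUS=$?
}

run_case TERM
echo "TERM: worker exit status $LAST_STATUS (its handler ran and exited cleanly)"

run_case KILL
echo "KILL: worker exit status $LAST_STATUS (128 + 9, no handler got a chance to run)"
```

A process that handles TERM can flush files and release locks before exiting, which is why TERM is normally tried before -9.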

38. killall: The killall command sends a signal to all processes running any of the specified commands. If no signal name is given, it sends SIGTERM by default. Generally, the killall command terminates all processes by using the process name. Signals can be specified by name (e.g., -HUP or -SIGHUP), by number (e.g., -1), or by using the option (-s).

list all supported signals for killall command:

for s in $(killall -l); do echo -n "$s " && kill -l $s; done

39. env: short form for environment, it is used to print a list of current environment variables.

40. printenv: it prints the value of environment variables such as :

41. hostname: prints the system’s DNS name.

42. Nano: it is a built-in file editor which helps us to create/edit files. We have a lot of editors in Linux such as gedit, leafpad, vim, atom, sublime text editor, mousepad(my-fav), emacs, etc.

type : nano file-u-want-to-edit

if the file doesn’t exist, then it will be created automatically.

after u are done editing your file:

press: CTRL + O => enter the file name then, press ENTER and CTRL + X to exit from the editor.

43. rm: remove or delete a file.

rm: doesn’t remove directories by default.

44. ifconfig: It is used to display information about all our network interfaces. If no arguments are given, ifconfig shows the status of the currently active interfaces. If a single interface argument is provided, it displays the status of that specific interface only.

45. ip: The ip command is present in the net-tools which is used for performing several network administration tasks. IP stands for Internet Protocol. This command is used to show or manipulate routing, devices, and tunnels. It can perform tasks like configuring and modifying the default and static routing, setting up a tunnel over IP, listing IP addresses and property information, modifying the status of the interface, and assigning, deleting, and setting up IP addresses and routes.

Some examples:

1. To assign an IP Address to a specific interface (eth1) :

ip addr add 192.168.50.5 dev eth1

2. To show detailed information about network interfaces like IP Address, MAC Address information, etc. :

ip addr show

46. clear: it is used to clear everything on the terminal screen.

execute clear:

everything will be cleared.

47. su: su stands for switch user, we can use su to switch between users.

48. wget: it is used to download files from the internet. It supports HTTP, HTTPS, and FTP, and it also allows us to download multiple files at the same time.

some examples :

1. Starting a regular download

wget hxxps://ubuntu.com/ubuntu-20.04.3-desktop-amd64.iso

2. You can resume a download using the -c option

wget -c hxxps://ubuntu.com/ubuntu-20.04.3-desktop-amd64.iso

3. To download in the background, use the -b option

wget -b hxxps://ubuntu.com/ubuntu-20.04.3-desktop-amd64.iso

49. Curl: In Linux, curl is a tool to transfer data to or from a server, using one of the supported protocols(DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP).

50. yes: is used to print a continuous output of a given STRING.

Press: CTRL + C to stop it.

51. shred: it is used to overwrite data, making it unrecoverable during forensic analysis.

For instance: I want to clear my tracks afterwards and want to clear log files. Before removing or deleting those files we will overwrite them with junk, and then if someone tries to recover that data they will only get junk, not the actual data.

So we only get this junk, and now we can delete this:

-n: the option we use for iterations, i.e. how many times we want to overwrite the data. The more iterations, the more difficult it is to recover data during analysis.
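
What the overwrite looks like on a throwaway file, as an added example that is not part of the original article. The sample secret and the make_secret / contains_secret helpers are constructed for this demo; it checks that the original content is unreadable after shred and shows what is still left behind.

```bash
#!/bin/sh
# Added example (not from the original article): what shred does to a file.
SECRET='password=CONSTRUCTED-EXAMPLE-VALUE'   # constructed sample data

# make_secret: create a throwaway file holding the sample secret; sets SECRET_FILE.
make_secret() {
    SECRET_FILE=$(mktemp) || return 1
    printf '%s\n' "$SECRET" > "$SECRET_FILE"
}

# contains_secret: succeed only if the sample secret is still readable in the file.
contains_secret() {
    grep -a -q -F "$SECRET" "$SECRET_FILE"
}

make_secret
contains_secret && echo "before shred: secret is readable"

# Overwrite the contents in place with 3 passes of random data.
shred -n 3 "$SECRET_FILE"
contains_secret || echo "after shred -n 3: secret is gone, but the file still exists:"
ls -l "$SECRET_FILE"   # GNU shred rounds the size up to a full block; the name remains

# -u additionally removes the file once it has been overwritten.
shred -u "$SECRET_FILE"
[ -e "$SECRET_FILE" ] || echo "after shred -u: file removed"
```

The shred manual cautions that this only works when the file system overwrites data in place, which journaled, snapshotting or copy-on-write file systems do not guarantee.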

52. locate: used to search the entire filesystem for a given pattern of words/strings through a database file that is generated by updatedb.

example finding a .bashrc file:

some more examples:

1. If the result list is long, for better readability, you can pipe the output to the less command:

locate .bashrc | less

2. To search for all .md files on the system

locate "*.md"

3. To search all .py files and display only 10 results

locate -n 10 "*.py"

4. To perform case-insensitive search.

locate -i readme.md

53. iostat: iostat is used to monitor system input/output statistics for devices and partitions. It monitors system input/output by observing the time the devices are active and their average transfer rates.

eg : iostat -d 2

it will display a single history since boot, report for all CPU and devices :

iostat -d 2 6 => display a continuous device report at two-second intervals :

use --help to see more options:

54. sudo: sudo stands for super user do. It basically allows any user to execute commands, edit configs, and modify a service's state as root or superuser. But a user who wants to use sudo should be part of the sudoers group.

This is similar to “run as administrator” in Windows.

starting ssh service as root:

55. apt: It is a package manager for Linux, which allows us to install, remove, update or upgrade packages from the repositories. We need sudo or root privs to install or uninstall any package.

=> Installing a package.

=> Uninstalling a package.

56. zip: Most of us already know what a zip file is: it is like a directory which stores multiple files and also compresses them, which ultimately reduces their size and space.

So the zip command in Linux does exactly that; it compresses files and reduces their size.

like this:

57. unzip: We can also unzip already compressed files, but if the files are password protected, we of course need the password, but we can also crack it (will tell u in a future article how to do so).

like this: unzip filename.zip

58. shutdown: as its name says, we can shut down our PC or laptop with this command. But u need root privs to do so.

sudo shutdown now => immediately shuts down your PC.

sudo shutdown +10 => shuts down after 10 mins.

The screenshot of this will not be available because I am writing this article.

59. dir: the dir command does the same work as the ls command, but it works on both Windows and Linux.

list files: dir

List hidden files: dir -a

long listing: ls -l

60. reboot: It is self-explanatory that this command is used to reboot/restart our Linux system.

It needs sudo or root privs to do that.

type: sudo reboot

61. sort: the sort command is used to sort a file; it allows us to arrange the records in a particular order.

for instance:

We have sorted the names alphabetically. sort is useful in various cases.

62. paste: the paste command writes lines of two or more files, in equal format or separated by TABs

like this:

paste file1.txt file2.txt

63. exit: the exit command is simply used to exit the console or terminal (CTRL + D will do the same).

64. diff/sdiff: used to display the differences between files by comparing them line by line.

65. tar: tar stands for tape archive; it is used to create and archive files and also allows us to extract them.

create archive:

tar -cvf file.tar file1 file2

extract tar files :

tar -xvf file.tar

66. gunzip: the gunzip command is used to decompress files which were compressed by the gzip utility in Linux, whose names end with (.gz, -gz, .z, -z, or _z).

eg: gunzip filename.gz

This is not the end, I have some more as well, but this article has become a lot longer, so I will write a continuation of it.
