Scope

This sheet is centered on Kali Linux and Debian-family systems. Commands use the names and defaults documented for GNU userland, Bash, APT, and Kali packages.

Validation

Reviewed on 2026-03-13 against GNU Coreutils, GNU Bash Readline documentation, Debian manpages, and Kali Linux tool pages.

Overview

Shell Baseline
  • Move around the filesystem with pwd, ls, and cd.
  • Use Bash history and readline shortcuts to move faster.
  • Check the active identity before privileged work with whoami.

System Tasks
  • Use apt for metadata refreshes, installs, upgrades, and removals.
  • Use ip, ping, dig, whois, and arp-scan for local reconnaissance and reachability checks.
  • Use Kali tools only on systems and labs you are authorized to assess.

Kali Focus
  • nmap is your network and port scanning baseline.
  • theHarvester, gobuster, burpsuite, and wireshark cover common discovery and inspection workflows.
  • msfconsole and hydra are high-impact tools and should stay inside controlled test scopes.

Shell Basics

Core Commands

pwd

Print the current working directory

Use this when you need the full path for the directory your shell is currently using.

ls

List directory contents

Displays entries in the current directory, or a path you specify.

cd <dir>

Change directories

Switch the shell working directory to the path you provide.

history

Inspect command history

Bash keeps a history list that you can display and search instead of retyping commands.

clear

Clear the visible terminal screen

Useful when you want a clean prompt without closing the current shell session.

Readline Shortcuts

Tab

Attempt completion

Bash uses readline completion to expand commands, paths, and other completion targets.

Ctrl + L

Clear the screen

Readline maps this to the clear-screen action without interrupting the running shell.

Up / Down

Move through command history

Step backward and forward through previous Bash commands at the prompt.

Ctrl + R

Search history in reverse

Incrementally search earlier commands when you remember only part of a previous entry.

Files and Directories

Create and Inspect

ls -la

Long listing including hidden entries

Shows dotfiles and detailed metadata in a single directory listing.

mkdir <dir>

Create a directory

Build a new directory at the path you specify.

touch <file>

Update timestamps or create a file

Commonly used to create an empty file if it does not already exist.

cat <file>

Print file contents

Send the file to standard output for quick inspection.

nano <file>

Edit a file in GNU nano

Launches the nano text editor directly on the target file.

Copy, Move, Remove

cp <src> <dst>

Copy a file

Use cp -r when the source is a directory tree.

mv <src> <dst>

Move or rename a path

Works for both files and directories.

rm <file>

Remove a file

Deletes the named file from the filesystem.

rm -r <dir>

Recursively remove a directory tree

Removes the directory and its contents, so confirm the target path carefully first.

System and Packages

Identity and Privilege

whoami

Show the effective username

Use this to confirm which account the current shell is operating as.

sudo <command>

Run a command as another user

Without extra options, sudo runs the command as root if your policy permits it.

passwd

Change a user password

Prompts for a new password through the system password management utility.

su -

Start a login shell as the target user

With no username provided, su - attempts to open a root login shell.

APT Package Management

sudo apt update

Refresh package lists

Retrieves updated package metadata from configured repositories.

sudo apt upgrade

Install available upgrades

Upgrades installed packages when newer versions are available.

sudo apt install <package>

Install a package

Fetches and installs the named package, along with required dependencies.

sudo apt remove <package>

Remove a package

Removes the installed package; local configuration files can remain unless you purge them.

Network Checks

Host and Interface Commands

ip address show

Show interface addressing

Displays IP addressing information for the system interfaces managed by ip.

ip link show

Show interface link state

Lists interfaces and their lower-level link attributes.

ping <host>

Test ICMP reachability

Sends ICMP echo requests to a host so you can check whether it responds.

dig <name>

Run a DNS lookup

Queries DNS records and is useful for quick name resolution checks.

whois <domain>

Query WHOIS registration data

Uses a WHOIS client to request registration information from directory servers.

arp-scan -l

Scan the local network with ARP

Performs ARP discovery on the local network segment.

Fast Workflow

whoami
ip address show
ping target.example
dig target.example
whois target.example
nmap target.example

Baseline sequence for identity, local networking, name resolution, registration data, and service exposure.

Kali Tooling

Tool Reference

nmap

Network exploration tool and security / port scanner.

Install: sudo apt install nmap

theHarvester

Email, subdomain, and people-name harvesting tool for open-source intelligence collection.

Install: sudo apt install theharvester

burpsuite

Web vulnerability scanner and web testing platform.

Install: sudo apt install burpsuite

wireshark

Network traffic analyzer for interactive packet inspection.

Install: sudo apt install wireshark

msfconsole

Console entry point for the Metasploit Framework penetration testing platform.

Install: sudo apt install metasploit-framework

hydra

Very fast network logon cracker intended for authorized password auditing workflows.

Install: sudo apt install hydra

gobuster

Directory, file, DNS, and virtual-host busting tool for enumeration work.

Install: sudo apt install gobuster

Practical Notes
  • Use --help or the tool manpage before running a scan against a new target set.
  • Prefer ip over legacy interface commands when you want current Linux networking syntax.
  • Keep package metadata current with sudo apt update before installing a new toolchain.
  • Snapshot lab VMs before invasive testing or large package changes.
  • Credential tooling, exploitation frameworks, and active scanners belong inside authorized environments only.