tar -czvf info.tar.

gz info Get-CimInstance -ClassName Win32_LogicalDisk

linmid<x><SGL>.txt hka92 (Get-CimInstance -ClassName Win32_LogicalDisk).FreeSpace
sudo systemctl enable ssh [Math]::Round((Get-CimInstance -ClassName Win32_LogicalDisk).FreeSpace[0] /
1GB),1)
ssh-keygen -t rsa (Get-CimInstance -ClassName Win32_PhysicalMemory | Measure-Object -Property
Capacity -Sum).Sum / 1GbB
ssh-copy-id localhost (Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration -Filter
“IPEnabled = ‘True’”).IPAddress[0]
ssh-copy-id kali@ipaddress (Get-CimInstance -ClassName Win32_OperatingSystem) | Select-Object -Property
*user*
ssh locahost\kali
join -1 3 -2 1 -t, accesstime.txt usernames.txt
File system table: /etc/fstab,fdisk awk '$2 == "Jones" {print $0}' awkusers.txt
File system creation/repair: sed 's/10\.0\.4\.35/10.0.4.27/g' ips.txt s/<regular expression>/<replace
mkfs,fsck with>/<flags>
Disk analysis, creation: df,du,dd, df - tail -n 1 somefile.txt
h
Memory: free,vmstat,top tr '\\:' '/|' < infile.txt > outfile.txt
System info: uptime \n: newline , \r: return, \t: tab
Space: du -hs “$HOME” cut -d',' -f1 csvex.txt "Jane Smith"
Uname,hostname,ifconfig,ip,dhclient $ cut -d',' -f1 csvex.txt | tr -d '"' Jane Smith
Traceroute,netstat,route cut -d',' -f1 csvex.txt | tr -d '"' | tail -n +2
Iptables,sftp sort -t ';' -k 2 tasks.txt > tasks_sorted.txt 2nd field -1 2 2nd field of first file
Id, su, useradd,passwd join -t ';' -1 2 -2 2 procowner_sorted.txt tasks_sorted.txt
stdin:0, stout:1, stderr:2 Jq -r ‘.authors[] | “\(.first_name) \ (.last_name)” ‘ book.json
Error message: command 2> find /home -name ‘*hello’ 2>/dev/null
/dev/null
arp -a : ARP table find /home -name ‘,*’ : hidden files
Uname -a : OS version find /home -size +5G
netstat -a : network conn find /home -mtime -1 : modified files <24 hrs
Mount : filesystems find /home -mtime +2 : modified files >2 days
ps -e : running processes find /path -type f -name ‘dog.png’
!! : to run last command nd pipe grep -R -I ‘password’ /home
Grep -i -r /home -e ‘password’
read str , echo ${str} egrep
No of users: who | wc -l grep ‘T.o’ a.txt : 1 char
Groups: getent group | cut -d: -f3 | wc egrep ‘T.?o’ a.txt : 0/1 char
-l
ls -l /home | grep '^d' | awk '{print egrep ‘T.*o’ a.txt : 0/ more char
$3}' | wc -l OR getent passwd | grep
'^.*:/home' | wc -l
Read choice “$choice” -eq 1< egrep ‘T.+o’ a.txt : atleast 1 char
[abc] Match only the character a or b grep -c "pattern" filename (count)
or c
[1-5] Match on digits in the range 1 egrep "^pattern" filename : lines that start with pattern
to 5
[a-zA-Z] Match any lowercase or egrep "pattern$" filename
uppercase a to z
[0-9 +-*/] Match on numbers or grep -v "success" results.txt | wc -l : don’t contain
these four mathematical symbols
[0-9a-fA-F] Match a hexadecimal egrep "error|warning" config.cfg either error/ warning
digit
\s Whitespace egrep "[0-9]" notes.txt
\S Not whitespace netstat -an | grep "ESTABLISHED" : active netwrk conn
\d Digit grep "sshd" /var/log/auth.log : SSH login attempts
\D Not digit grep "session opened for user" /var/log/auth.log : loggeg in users
egrep '<([A-Za-z]*)>.*</\1>' tags.txt grep "Failed password" /var/log/auth.log - failed login attempts
^[1-5] means that a matching string egrep -o "([0-9]{1,3}\.){3}[0-9]{1,3}" /var/log/auth.log : lines with IP
must start with one of the
digits 1 through 5,
[1-5]$ means that a string must grep "session opened for user john" /var/log/auth.log : login attempts
end with one of the digits 1 through
5.
handywork < data.in > results.out getent group sudo | awk -F: '{print $4}' | tr ',' '\n' : users belong to sudo group
ls / | more egrep -o "([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}" /var/log/syslog : MAC add
num_users=$(cat /etc/passwd | wc grep "sshd" /var/log/auth.log | grep "port 22" | awk '{print $(NF-3)}' | sort | uniq : tried to
-1) connect to port 22
num_nologin=$(grep -c "nologin" uptime_info=$(uptime -p)
/etc/passwd)
num sudo=$(grep -c "sudo" num log_files=$(find /var/log -type f-name "*10g*" 2>/dev/null
/etc/group)
os_info=$(uname -al) num_processes=$(ps -ax | wc -1)