nmap -p- <target> - Scans all ports on a target to find open services.
netstat -tuln - Lists active TCP/UDP network connections and listening ports.
ifconfig / ip addr - Displays the system’s network interfaces and IP configurations.
arp-scan -I eth0 --localnet - Scans the local network to find live hosts via ARP requests.
masscan -p1-65535 <target> - Performs a very fast full-port scan of a target.
dig <domain> - Retrieves detailed DNS records for a given domain.
whois <domain> - Shows domain registration information like ownership and contact details.
tcpdump -i eth0 - Captures and inspects raw network traffic on an interface.
hydra -l <user> -P <wordlist> <target> ssh - Performs a brute-force login attack on SSH using specified credentials.
sqlmap -u <url> --batch - Detects and exploits SQL injection vulnerabilities automatically.
nikto -h <host> - Scans a web server for known vulnerabilities and issues.
theHarvester -d <domain> -l 500 -b all - Gathers emails, subdomains, and host data from public sources.
enum4linux -a <target> - Extracts information from Windows hosts using SMB protocol.
msfconsole - Launches the Metasploit framework for advanced exploitation tasks.
searchsploit <software> - Searches for known exploits related to a given software or version.
nc -lvnp <port> - Opens a TCP listener to catch incoming connections (e.g., reverse shells).
openssl s_client -connect <host>:443 - Connects to an SSL/TLS service to examine its certificate and connection details.
wget http://<target>/file - Downloads files from the web via HTTP or FTP.
curl -I http://<target> - Fetches only the HTTP headers of a web resource.
chmod +x <file> - Changes file permissions to make a script or binary executable.

20 Essential Linux Commands for Penetration Testing
