Tutorial
Linux Commands Every Hacker Should Know (Beginner Guide 2026)
The 20 Linux commands that cover 80% of what you need for CTFs and pentesting. Includes cheat sheet.
← Back to all articles
Linux is the foundation of cybersecurity. Whether you're doing CTFs,
pentesting, or just setting up a lab, you'll be living in the terminal.
I'm a CS student at Michigan Tech and when I first sat down at a Linux
terminal it was intimidating — this guide is what I wish I had.
Getting a Linux Terminal to Practice On
- TryHackMe — browser-based Linux terminal, no setup needed
- VirtualBox — free software to run Kali Linux on your own machine
- DigitalOcean — spin up a Linux VPS for $4/mo, $200 free credits for new users
Navigation Commands
pwd — Where Am I?
pwd
# Output: /home/user
ls — What's Here?
ls # basic list
ls -la # detailed list including hidden files
ls -lh # human readable file sizes
cd — Move Around
cd /home/user # go to specific path
cd .. # go up one level
cd ~ # go to home directory
cd - # go back to previous directory
find — Search for Files
find / -name "flag.txt" # find a file by name
find / -name "*.txt" # find all .txt files
find / -perm -4000 2>/dev/null # find SUID files
File Commands
cat — Read a File
cat file.txt # print file contents
cat -n file.txt # with line numbers
grep — Search Inside Files
grep "password" file.txt # find "password" in a file
grep -r "password" /var/www/ # search recursively
grep -i "password" file.txt # case insensitive
cp, mv, rm — Copy, Move, Delete
cp file.txt backup.txt # copy a file
mv file.txt /tmp/file.txt # move a file
rm file.txt # delete a file
rm -rf /tmp/folder/ # delete a folder
File Permissions
chmod — Change Permissions
chmod +x script.sh # make a script executable
chmod 777 file.txt # full permissions for everyone
chmod 644 file.txt # standard file permissions
chown — Change Ownership
chown user:group file.txt # change owner and group
sudo chown root file.txt # give root ownership
Networking Commands
ifconfig / ip addr — What's My IP?
ifconfig # show network interfaces
ip addr # modern alternative
ip addr show eth0 # show specific interface
ping — Is the Target Alive?
ping 10.10.10.1 # send ping packets
ping -c 4 10.10.10.1 # send exactly 4 packets
curl — Make Web Requests
curl http://10.10.10.1 # basic GET request
curl -I http://10.10.10.1 # headers only
curl -X POST http://10.10.10.1 # POST request
Process Management
ps — What's Running?
ps aux # show all running processes
ps aux | grep apache # find specific process
sudo — Run as Administrator
sudo command # run single command as root
sudo su # switch to root user
sudo -l # list what you can run as sudo
CTF tip: sudo -l is one of the
first things to run in a CTF — it shows if you can escalate
privileges immediately.
Quick Reference Cheat Sheet
| Command | What it Does |
|---|
pwd | Show current directory |
ls -la | List all files including hidden |
cd .. | Go up one directory |
find / -name file | Search for a file |
cat file.txt | Read a file |
grep "text" file | Search inside a file |
chmod +x file | Make file executable |
ifconfig | Show IP addresses |
ping <ip> | Check if host is alive |
ps aux | Show running processes |
sudo -l | List sudo permissions |
history | Show command history |
Practice These Commands for Free
Disclosure: Some links on this page may be affiliate links. I may earn a small commission if you sign up through them, at no extra cost to you. I only recommend tools I genuinely think are worth it.