Top 30 Cyber Security Commands & Tools
#CyberSecurity #Reconnaissance #InfoGathering
#1. ping
Tests reachability of a host on an IP network and measures round-trip time.
ping -c 4 google.com
PING google.com (142.250.72.14) 56(84) bytes of data.
64 bytes from lhr48s23-in-f14.1e100.net (142.250.72.14): icmp_seq=1 ttl=118 time=8.53 ms
...
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
#2. whois
Retrieves registration information for a domain name or IP address.
whois google.com
Domain Name: GOOGLE.COM
Registry Domain ID: 2138514_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.markmonitor.com
...
Registrant Organization: Google LLC
Registrant State/Province: CA
Registrant Country: US
#3. dig
(Domain Information Groper) A tool for querying DNS servers.
dig google.com
; <<>> DiG 9.18.1-1-Debian <<>> google.com
;; ANSWER SECTION:
google.com. 156 IN A 142.250.187.238
...
;; Query time: 12 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
#4. nmap
Network Mapper. A powerful tool for network discovery, port scanning, and security auditing.
nmap -sV -p 80,443 scanme.nmap.org
Starting Nmap 7.92 ( https://nmap.org ) at ...
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.16s latency).
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.4.7 ((Ubuntu))
443/tcp open ssl/http Apache httpd 2.4.7 ((Ubuntu))
#5. netcat (nc)
The "Swiss army knife" of networking. Can be used for port scanning, file transfer, and creating backdoors.
nc -zv scanme.nmap.org 80
Connection to scanme.nmap.org (45.33.32.156) 80 port [tcp/http] succeeded!
---
#CyberSecurity #Networking #Analysis
#6. netstat
Displays active network connections, routing tables, and interface statistics.
netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 675/postgres
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 789/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 654/dhclient
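Added example (not part of the original post): a shell function that reads netstat -tulpn output and reports the listeners bound to non-loopback addresses, which are the ones to review when auditing a host. The function names and the two IPv6 sample rows are constructed for illustration.

```shell
# Added example: flag sockets in `netstat -tulpn` output that are bound to a
# non-loopback address and are therefore reachable from other hosts.

# Constructed sample: the three rows shown above plus two IPv6 rows.
sample_netstat() {
  cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 675/postgres
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 789/sshd
udp 0 0 0.0.0.0:68 0.0.0.0:* 654/dhclient
tcp6 0 0 ::1:631 :::* LISTEN 801/cupsd
tcp6 0 0 :::80 :::* LISTEN 912/nginx: master
EOF
}

# Reads netstat output on stdin; prints "proto local-address program"
# for every listening socket that is not bound to 127.0.0.0/8 or ::1.
exposed_listeners() {
  awk '
    $1 !~ /^(tcp|udp)6?$/ { next }             # skip header lines
    $1 ~ /^tcp/ && $6 != "LISTEN" { next }     # TCP: listening sockets only
    {
      # Host is everything before the last colon (IPv6 hosts contain colons).
      match($4, /:[^:]*$/)
      host = substr($4, 1, RSTART - 1)
      if (host ~ /^127\./ || host == "::1") next
      # UDP rows have an empty State column, so locate the PID/Program
      # field by shape ("123/name" or "-") and keep the rest of the row.
      prog = ""
      for (i = 6; i <= NF; i++)
        if (prog != "" || $i ~ /^[0-9]+\// || $i == "-")
          prog = (prog == "" ? $i : prog " " $i)
      print $1, $4, prog
    }'
}

# Live use (root is needed to see program names): sudo netstat -tulpn | exposed_listeners
sample_netstat | exposed_listeners
```

On the sample, postgres (127.0.0.1) and cupsd (::1) are filtered out; sshd, dhclient and nginx remain because they listen on all interfaces.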
#7. traceroute
Traces the network path (hops) to a remote host.
traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 gateway (192.168.1.1) 1.234 ms 1.567 ms 1.890 ms
2 isp-router.net (10.0.0.1) 5.432 ms 5.678 ms 5.901 ms
...
10 142.251.52.221 (142.251.52.221) 10.112 ms 10.345 ms 10.578 ms
11 dns.google (8.8.8.8) 10.801 ms 10.923 ms 11.045 ms
#8. tcpdump
A powerful command-line packet analyzer that allows you to capture and display network traffic.
sudo tcpdump -i eth0 -c 5 port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
14:30:01.123456 IP my-pc.54321 > example.com.80: Flags [S], seq 123456789, win 64240, options [mss 1460,sackOK,TS val 10,ecr 0], length 0
... (4 more packets) ...
5 packets captured
#9. arp
Displays and modifies the Address Resolution Protocol (ARP) cache, which maps IP addresses to MAC addresses.
arp -a
? (192.168.1.1) at 00:1a:2b:3c:4d:5e [ether] on eth0
? (192.168.1.105) at 98:76:54:32:10:fe [ether] on eth0
#10. ip
A modern tool to show and manipulate routing, devices, policy routing, and tunnels. (Replaces ifconfig.)
ip addr show