10 commands you'll use every day. By the end of the lesson, you'll be navigating Kali without a mouse.
When I first saw a Linux terminal, I thought, "this is what hackers in movies use." A black screen, white text, nothing makes sense.
Now, I open the terminal 200 times a day. And every time, it's more convenient than using a mouse. Seriously.
The terminal is a direct conversation with your computer. No need to click "Open โ Folder โ Documents โ New Folder". One command, and you're done.
In this lesson, we'll learn 10 commands. After that, the terminal will become your best friend.
Open the terminal. Type:
pwdResponse:
/home/kalipwd = "Print Working Directory". Shows your current folder.
This is your home folder. Similar to "C:\Users\Your Name" in Windows.
lsWill show you the files and folders in your current directory:
Desktop Documents Downloads Music Pictures Public Templates VideosOptions (always after the command, separated by a space):
ls -l # detailed (size, date, permissions)
ls -a # including hidden files (starting with .)
ls -la # both at once
ls -lh # size in human-readable format (KB / MB / GB)Try: ls -la. You'll see many more files.
cd DocumentsYou've entered the Documents folder. Check:
pwd
# /home/kali/DocumentsSpecial symbols:
cd .. # one level up (parent folder)
cd ~ # home (=/home/kali)
cd / # system root
cd - # previous folder (like Back)๐ก Tab Life Hack: start typing a folder name โ press Tab โ the terminal will auto-complete. This will save you hours over your career.
cat /etc/hostnameWill show you "kali" (your computer's name).
cat /etc/os-releaseWill show you system info (Kali version, ID, etc.).
For long files:
less /etc/passwd # scroll with arrows, exit with q
head -10 file.txt # first 10 lines
tail -10 file.txt # last 10 lines
tail -f /var/log/auth.log # follow changes in real-timeThis is a super-important command for hackers. Searches for lines containing specific text.
grep "kali" /etc/passwdWill show you lines in /etc/passwd containing "kali".
Useful options:
grep -i "PASSWORD" config.txt # case-insensitive
grep -r "secret" /var/www/ # recursive search
grep -n "error" log.txt # with line numbers
grep -v "INFO" log.txt # exclude matchesReal-life example: you've hacked a site, downloaded base.tar.gz, and need to find the database password:
grep -ri "DB_PASSWORD\|db_pass\|database.*password" extracted_files/find / -name "passwd" 2>/dev/nullWill find all files named "passwd" on the entire system. 2>/dev/null ignores access errors.
Useful patterns:
find . -name "*.conf" # all .conf files in the current and subfolders
find /home -type f -size +10M # files larger than 10MB in /home
find / -perm -4000 2>/dev/null # all SUID files (important for privilege escalation!)
find / -mtime -1 # files modified in the last 24 hoursmkdir test_folder # create a folder
mkdir -p path/to/deep/dir # create nested folders
cp file.txt backup.txt # copy a file
cp -r folder1 folder2 # copy a folder recursively
mv old.txt new.txt # rename (or move)
mv file.txt /tmp/ # move to /tmp
rm file.txt # delete a file
rm -rf folder/ # delete a folder with all contents (BE CAREFUL!)โ ๏ธ rm -rf / will delete EVERYTHING. Never run this command. And don't trust code from unverified sources that contains it.
More details in Lesson 2.3, but the basics:
chmod +x script.sh # make executable
chmod 755 file # rwx for owner, r-x for others
chmod 644 config.txt # rw for owner, r for othersThis is Unix magic. Connects multiple commands:
# Pipe (|): output of one command โ input of another
ls -la | grep "kali" # ls + search for lines with "kali"
cat log.txt | grep "ERROR" | head -10 # last 10 errors
# Redirect (>): save output to a file
ls -la > files.txt # overwrite
ls -la >> files.txt # append
# Stderr (2>): redirect errors
find / -name "secret" 2>/dev/null # ignore access errorsReal-life example: find all .php files containing "mysql_query":
find /var/www -name "*.php" | xargs grep -l "mysql_query" 2>/dev/nullsudo apt update # update package list
sudo apt install nmap # install nmap
sudo -i # become root (exit with exit)sudo = "Super User DO". Asks for your password (your regular one, for kali). After entering the password, the command runs with root privileges.
๐ก Life Hack: sudo remembers your password for ~15 minutes. Enter it once, and subsequent sudo commands will run without asking for a password.
Run the following commands in the terminal, in order:
cd ~ โ go homemkdir hacking_practice โ create a foldercd hacking_practice โ enter the folderecho "Hello hacker world" > greet.txt โ create a filecat greet.txt โ check the contentsls -la โ see what's in the foldergrep "hacker" greet.txt โ find the wordcp greet.txt greet_backup.txt โ make a copyls โ two files should be thererm greet_backup.txt โ delete the copycd .. โ exit the folderIf all 11 commands succeed โ you've mastered the basics of the terminal. This is enough for 95% of a penetration tester's work.
Open Claude and ask:
I've just learned 10 basic Linux commands:
pwd, ls, cd, cat, grep, find, mkdir/rm/mv/cp, chmod, pipes, sudo.
Give me 5 practical tasks with a difficulty level from easy to medium
that I can complete right now in my Kali Linux to reinforce my skills.
Each task โ 1 sentence with what to do + expected result.Complete these 5 tasks. If you get stuck โ ask Claude again.
| Command | What it does | Example |
|---|---|---|
pwd | Shows current folder | pwd |
ls | Shows files and folders | ls -la |
cd | Changes folder | cd Documents |
cat | Shows file contents | cat file.txt |
grep | Finds text in a file | grep "error" log |
find | Finds files | find / -name "*.conf" |
mkdir | Creates a folder | mkdir test |
cp / mv / rm | Copies / moves / deletes | cp a b |
chmod | Changes permissions | chmod +x script |
| | Pipes output | ls | grep "txt" |
sudo | Runs as admin | sudo apt update |
In Lesson 2.3, we'll cover permissions and root. What "root" means, where passwords are stored in Linux, and what chmod 755 exactly means. This is the foundation for Module 5, "Web Vulnerabilities", where we need to understand how servers store data.