Complete beginner? This workbook assumes zero Linux knowledge. Read it top to bottom. Open a terminal alongside and type every command as you go โ reading alone won't teach you Linux, doing will.
Chapter 1 โ What is Linux?
Linux is an open-source operating system kernel that powers everything from your Android phone to 96% of the world's web servers to supercomputers. It's the operating system of cybersecurity.
Why Linux for security? Because most servers run Linux, and understanding the attacker's and defender's environment is fundamental. Kali Linux is a specialised security distribution built on top of Debian Linux.
| Linux Distribution | Best For |
|---|---|
| Kali Linux | Penetration testing (you're here) |
| Ubuntu | Beginners, servers, desktop |
| Debian | Stable servers |
| CentOS / Rocky | Enterprise servers |
| Arch Linux | Advanced users who want control |
Chapter 2 โ The Terminal
The terminal (also called the command line or shell) is where you type commands. On a graphical Linux desktop, open it by pressing Ctrl+Alt+T or searching for "Terminal".
# The prompt looks like this:
uzair@kali:~$
# What each part means:
uzair โ your username
kali โ hostname (computer name)
~ โ current directory (~ means home directory)
$ โ you are a normal user (# means you are root)
# Type a command and press Enter to run it
whoami # prints your username
date # prints current date and time
uptime # how long the system has been running
uname -a # system info including kernel version
Essential Keyboard Shortcuts
| Shortcut | What it does |
|---|---|
Ctrl+C | Stop/cancel current command |
Ctrl+L | Clear the terminal screen |
Tab | Autocomplete command or filename |
โ / โ | Previous/next command history |
Ctrl+A | Jump to start of line |
Ctrl+E | Jump to end of line |
Ctrl+R | Search command history |
Chapter 3 โ Navigation
# Where am I?
pwd # Print Working Directory โ /home/uzair
# List files in current directory
ls # basic list
ls -l # long format (permissions, size, date)
ls -la # include hidden files (starting with .)
ls -lh # human-readable file sizes (KB, MB)
# Change directory
cd /etc # go to /etc
cd ~ # go to your home directory
cd .. # go up one level
cd ../.. # go up two levels
cd - # go back to previous directory
# Linux file system key locations:
/ โ root of everything
/home/ โ user home directories (/home/uzair)
/etc/ โ system configuration files
/var/ โ variable data (logs, websites)
/tmp/ โ temporary files (cleared on reboot)
/usr/bin/ โ user programs and commands
/root/ โ root user's home directory
Chapter 4 โ Files & Directories
# Create a directory
mkdir myfolder
mkdir -p projects/web/css # create nested dirs at once
# Create an empty file
touch notes.txt
touch file1.txt file2.txt # create multiple at once
# Copy files
cp file.txt backup.txt
cp -r folder/ backup_folder/ # copy directory recursively
# Move / rename
mv old.txt new.txt # rename a file
mv file.txt /tmp/ # move to /tmp/
# Delete
rm file.txt # delete a file
rm -r folder/ # delete a directory and contents
rm -rf folder/ # force delete (no confirmation) โ be careful!
# Find files
find / -name "passwd" # find file named passwd anywhere
find /home -name "*.txt" # find all .txt files in /home
find . -type d # find all directories in current folder
Chapter 5 โ Viewing & Editing Files
# View file contents
cat /etc/hosts # print entire file
less /var/log/syslog # scroll through (q to quit, / to search)
head -20 file.txt # first 20 lines
tail -20 file.txt # last 20 lines
tail -f /var/log/syslog # live view (follow mode)
# Search inside files
grep "error" /var/log/syslog # find lines with "error"
grep -i "error" file.txt # case-insensitive
grep -r "password" /etc/ # search recursively
grep -n "word" file.txt # show line numbers
# Edit with nano (easiest editor)
nano file.txt
# Ctrl+O โ save Ctrl+X โ exit Ctrl+W โ search
# Edit with vim (powerful, steeper learning curve)
vim file.txt
# i โ insert mode Esc โ normal mode
# :w โ save :q โ quit :wq โ save and quit :q! โ quit without saving
# Write text to a file
echo "Hello World" > file.txt # overwrite
echo "More text" >> file.txt # append (add to end)
Chapter 6 โ Users & Permissions
# Users and groups
whoami # your username
id # user ID, group ID, and groups
cat /etc/passwd # all users (format: user:x:uid:gid:info:home:shell)
# Switch users
su - john # switch to user john (need their password)
sudo su # switch to root (if you have sudo rights)
sudo command # run one command as root
# Understanding permissions (ls -l output)
-rwxr-xr-- 1 uzair users 1234 Jun 15 notes.txt
โโโโโโโโโ
โโโโโโโโโโ others: r-- (read only)
โโโโโโโโโโ group: r-x (read + execute)
โโโโโโโโโโ owner: rwx (read + write + execute)
โโโโโโโโโโ file type: - = file, d = directory, l = symlink
# Change permissions with chmod
chmod 755 script.sh # rwxr-xr-x (owner all, others read+exec)
chmod 644 file.txt # rw-r--r-- (owner read+write, others read)
chmod +x script.sh # add execute for everyone
chmod u+x script.sh # add execute for owner only
# Change owner
chown uzair:users file.txt # change owner and group
chown -R uzair /var/www/ # recursive
Chapter 7 โ Processes
# View running processes
ps # your processes
ps aux # ALL processes, detailed
ps aux | grep firefox # find Firefox process
# Interactive process viewer
top # press q to quit
htop # nicer version (sudo apt install htop)
# Kill a process
kill 1234 # kill by PID (process ID)
kill -9 1234 # force kill
killall firefox # kill by name
pkill firefox # kill by name pattern
# Run in background
./script.sh & # run in background
jobs # list background jobs
fg # bring background job to foreground
Ctrl+Z # pause and background current job
Chapter 8 โ Networking Commands
# Check your IP address
ip a # modern (preferred)
ifconfig # older (may need net-tools)
# Test connectivity
ping google.com # send ICMP packets (Ctrl+C to stop)
ping -c 4 8.8.8.8 # send exactly 4 pings
# DNS lookup
nslookup google.com # find IP of a domain
dig google.com # detailed DNS info
host google.com # quick DNS lookup
# Open connections and listening ports
ss -tulnp # modern (preferred)
netstat -tulnp # older alternative
# Download files
wget https://example.com/file.zip
curl -O https://example.com/file.zip
curl https://example.com/api -o output.json
Chapter 9 โ Package Management
# Kali/Debian/Ubuntu use apt
# Update package list
sudo apt update
# Upgrade installed packages
sudo apt upgrade
sudo apt full-upgrade # also removes conflicting packages
# Install a package
sudo apt install nmap
sudo apt install nmap wireshark burpsuite # multiple at once
# Remove a package
sudo apt remove nmap
sudo apt purge nmap # also removes config files
sudo apt autoremove # remove unused dependencies
# Search for a package
apt search nmap
apt show nmap # info about a package
# List installed packages
dpkg -l | grep nmap
Chapter 10 โ Bash Basics
# Pipes โ send output of one command to another
ps aux | grep ssh # filter process list for ssh
cat /etc/passwd | cut -d: -f1 # extract usernames
ls -la | sort -k5 -n # sort by file size
# Redirection
command > file.txt # save output to file (overwrite)
command >> file.txt # append output to file
command 2>&1 # redirect errors to stdout
command 2>/dev/null # discard error messages
# Variables
name="Uzair"
echo "Hello, $name" # Hello, Uzair
# Simple bash script
#!/bin/bash
echo "My IP is:"
ip a | grep "inet " | grep -v 127
echo "Done!"
# Save as scan.sh, make executable, run
chmod +x scan.sh
./scan.sh
# For loop
for i in 1 2 3 4 5; do
echo "Number: $i"
done
# Loop through IP range
for ip in 192.168.1.{1..254}; do
ping -c 1 -W 1 $ip &>/dev/null && echo "$ip is alive"
done
Workbook Complete! You now have the Linux foundation every cybersecurity student needs. The terminal should feel familiar โ keep practising by using the command line for everything instead of the GUI.