ID: C2 Deep Pt.3

Global Regular Expression Print

command-line utility for searching plain-text data sets for lines that match a regular expression. The command works on Unix, Linux, and macOS operating systems.

popular screen-oriented text editor in Linux, Unix, and other Unix-like operating systems. When using, the terminal screen acts as a window into the editing buffer. Changes made to the editing buffer shall be reflected in the screen display, and the position of the cursor on the screen will indicate the position within the editing buffer.

displays the present working directory (current directory) path to the terminal or display.

a powerful package management command -line program that works with Ubuntu's APT (Advanced Packaging Tool) library to install new software packages, remove existing software packages, upgrade existing software packages, and even upgrade the entire operating system. This utility works with Ubuntu and Debian-based Linux distributions.

grep

The vi (visual) utility

The pwd command

The apt-get utility

Apple File System

the default file system for Mac computers using macOS 10.13 or later and features strong encryption, space sharing, snapshots, fast directory sizing, and an improved file system fundamentals.

Extended Hierarchical File System

a journaling file system used natively by Apple's macOS systems before APFS was released in 2017. The file system can support a maximum volume size of 8 EB

a Windows file system that supports a 64-bit address space and can provide extra features such as file-by-file compression and RAID support as well as advanced file attribute management tools, encryption, and disk quotas. This file system can support a maximum volume size of up to 8 PB.

32-bit file system supported by Windows, macOS, and Linux computers. The file system can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB.

The Apple file system (APFS)

The Extended Hierarchical File System (HFS+)

The NT file system (NTFS)

a password-based authentication and password-authenticated key agreement method used in WPA3 that replaced the 4-way handshake used in WA-based wireless networks.

The File Allocation Table 32-bit (FAT 32)

enables encryption for traffic being sent and received over a wireless network when still using open authentication.

high-performance mode of operation for symmetric encryption that supports authenticated encryption with associated data (AEAD).

protect unicast and multicast management action frames to protect against eavesdropping and forgery in WPA3-based wireless networks.

Simultaneous Authentication of Equals (SAE)

Enhanced Open

AES Galois Counter Mode Protocol (GCMP)

Management Protection Frames

placeholder in a script containing a number, character, or string of characters. These scripts do not have to be declared (unlike in programming languages) but can be assigned a value. Then, the name is referenced throughout the script instead of the value itself.

a specific identifier that contains a value that cannot be changed within the program. For example, the value to convert a number from F to C is alwavs 5/9 because the formula is C = (F -32) * 5/9.

deviates from the initial program path to some sort of logic condition. In this operation, the computer repeats the task until a condition is met. Often implemented with For or While statements. For example, a short script like (For i=1 to 100, print I, next) would print the numbers from 1 to 100 to the screen.

written into the code to help a human understand the initial programmer's logic. In Python, for example, you can use the # symbol to comment on a line of code. Anything on the line after the # is ignored by the computer when the script is being executed.

Variable

Constant

Loop

Comment

Microsoft Group Policy Object

a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users. This Policy is the primary administrative tool for defining and controlling how programs, network resources, and the operating system operate for users and computers in an organization.

Host Based Intrusion Detection System

a device or software application that monitors a system for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator or collected centrally using a security information and event management system.

a program that scans a device or network for known viruses, Trojans, worms, and other malicious software.

Microsoft's Group Policy Object (GPO)

Host-Based Intrusion Detection System (HIDS)

Anti-malware software

Patch Management

Resource Monitor

a utility used to display information about the use of hardware (CPU, memory, disk, and network) and software (file handles and modules) resources in real-time. The monitor helps check the performance counters of specific resources and decide a course of action to improve the performance.

System Information

a utility that gathers information about your computer and displays a comprehensive list of hardware, system components, and the software environment that can be used to diagnose computer issues.

Directx Diagnostic

used to collect info about devices to help troubleshoot problems with Direct sound and video. It is a diagnostics tool used to test functionality and troubleshoot video-related or sound-related hardware problems. This diagnostic can save text files with the scan results.

Device Manager

a utility used to view and control the hardware attached to the computer. The system will highlight a piece of hardware that is not working so that a technician can repair or replace it.

Resource Monitor (resmon.exe)

System Information (msinfo32.exe)

Direct× Diagnostic (dxdiag.exe) utility

Device Manager (devmgmt.ms)

GUID Partition Table

Master Boot Record

a modern disk partitioning system allowing large numbers of partitions and very large partition sizes. The table is used in modern computers that support the UEFI standard and can support a maximum capacity of up to 9.7 ZB and up to 128 partitions.

a sector on a hard disk storing information about partitions configured on the disk. The sector holds the information on how the logical partitions that contain the file systems are organized on the physical disk.

a file that contains all of the contents from an optical disc in a single file which can be mounted to the file system as though it were a physical optical drive.

32-bit file system supported by Windows, macOS, and Linux computers. FAT32 can support maximum volume sizes of up to 2 TB and maximum file sizes of up to 4 GB.

GUID Partition Table (GPT)

Master Boot Record (MBR)

Optical Disk Image (ISO) File

File Allocation Table 32-bit (FAT 32)

Third Extended File System

Fourth Extended File System

Network File System

on a Linux system is a portion of the hard disk formatted with a minimal kind of file system and used in situations when the operating system runs out of physical memory and needs more of it. It can only be used by the memory manager and not for the storage of ordinary data files.

a journaled file system commonly used by the Linux kernel. The file system can support a maximum volume size of up to 32 TB.

a journaled file system that is used natively by modern Linux operating systems such as Debian and Ubuntu. The file system can support a maximum volume size of up to 1 EB.

used to mount remote storage devices into the local file system on a Linux system. It allows you to mount your local file systems over a network and remote hosts to interact with them while mounted locally on the same system.

The Swap Partition

Third Extended Filesystem (ext3)

Fourth Extended File System (ext4)

The Network System File (NFS)

determines the route to a destination by sending Internet Control Message Protocol (ICMP) echo packets to the destination. In these packets, tracert uses varying IP Time-To-Live (TTL) values. When the TTL on a packet reaches zero (0), the router sends an IMP "Time Exceeded" message back to the source computer. The ICMP "Time Exceeded" messages that intermediate routers send back show the route.

displays all current TCP/IP network configuration values on a given system.

displays network connections for Transmission Control Protocol, routing tables, and some network interface and network protocol statistics on a single system.

a diagnostic tool for NetBIOS over TCP/IP used to troubleshoot NetBIOS name resolution problems.

The tracert (trace route) diagnostic utility

The ipconfig tool

The netstat tool is a command-line network utility

The nbtstat command

man-in-the-middle attack

ARP Spoofing

used to control the flow within a computer program or script, usually based on some logic condition. Often, these are implemented with IF THEN ELSE statements.

file system optimized for external flash memory storage devices such as USB flash drives and SD cards. exFAT supports a maximum volume size of up to 128 PB with a recommended maximum volume size of 512 TB for the best reliability.

used to convert and copy files. On Unix and Unix-like operating systems like Linux, almost everything is treated as a file, even block devices like a hard disk drive. This makes dd useful to clone disks or wipe data from a drive.

command-line utility that moves files or directories from one place to another. The command supports moving single files, multiple files, and directories. The command can prompt before overwriting files and will only move files that are newer than the destination.

lists the files or directories in the current path of a Unix, Linux, or Mac operating system. When invoked without any arguments, this command lists the files in the current working directory.