Operating Systems & CLI Mastery

Advanced system administration, hardening techniques, and utilizing the command line for security analysis across Linux and Windows environments.

Deep Dive: File System & Processes

Linux: Advanced Permissions

Understanding SUID/SGID bits, Sticky bits, and Access Control Lists (ACLs). Identifying unnecessary set-user-ID permissions is key to defense.

# Find SUID files
find / -perm -4000 2>/dev/null

# Set an extended ACL for a user
setfacl -m u:alice:rw project_file

Process Monitoring and Killing

Utilizing tools like top, htop, and `tasklist` to identify abnormal CPU usage, memory consumption, or unauthorized running processes.

# Linux: Find PID and terminate
ps aux | grep suspicious_process
kill -9 [PID]

# Windows: Terminate by name
Stop-Process -Name "malware.exe"

Environment Variables & Paths

Understanding how path manipulation and environment variables (like `$PATH` or `$Env:PATH`) can be exploited or used to configure security tools.

# View PATH on Linux
echo $PATH

# View PATH on Windows (PowerShell)
$Env:Path

Shell Scripting and Automation

Bash Scripting Basics

Write simple scripts for automating repetitive security tasks, like log rotation, backup checks, or port scanning a list of targets.

#!/bin/bash
# Simple port check script
for ip in $(cat targets.txt); do
  nc -vz $ip 22 2>&1 | grep succeeded
done

PowerShell for Incident Response

Leverage PowerShell cmdlets for deep system inspection: registry queries, WMI object enumeration, and remote process investigation.

# Check scheduled tasks for persistence
Get-ScheduledTask | Where-Object {$_.State -ne "Ready"}

# Get Windows event logs
Get-WinEvent -FilterHashTable @{LogName='Security'; ID=4624}

System Hardening Techniques

Disable Unnecessary Services

Minimize the attack surface by identifying and disabling non-essential services. Less code running means fewer points of failure.

Secure Boot Configuration

Implementing BIOS/UEFI passwords, disk encryption (e.g., LUKS, BitLocker), and validating system integrity at boot time.