Have a question?
Send enquiry
Message sent Close
100 Essential Windows Commands for Cybersecurity

100 Essential Network Commands

Command | Sample Usage | Explanation
๐Ÿ”Œ Basic Network Commands (15)
Command Sample Usage Explanation
ipconfig / ifconfig ipconfig /all
ifconfig -a		 Displays all network interface configuration
ping ping -n 5 8.8.8.8
ping -c 5 google.com		 Tests connectivity to a host (Windows/Linux)
tracert / traceroute tracert google.com
traceroute -I google.com		 Traces route to a host (Windows/Linux)
netstat netstat -ano
netstat -tulnp		 Displays network connections and ports
arp arp -a
arp -vn		 Displays ARP cache (IP to MAC mappings)
route route print
route -n		 Displays routing table
hostname hostname Displays the system's hostname
getmac getmac /v Displays MAC addresses (Windows)
ip / iproute2 ip a
ip route		 Modern Linux network configuration
nmcli nmcli device show NetworkManager command-line tool
nslookup nslookup example.com DNS query tool
dig dig example.com ANY DNS lookup utility
whois whois example.com Domain registration lookup
๐Ÿ” Network Scanning & Discovery (15)
Command Sample Usage Explanation
nmap nmap -sV -O 192.168.1.0/24 Network discovery and security auditing
netdiscover netdiscover -i eth0 -r 192.168.1.0/24 Active/passive ARP reconnaissance tool
arp-scan arp-scan -l --interface=eth0 ARP scanning and fingerprinting
nbtscan nbtscan -r 192.168.1.0/24 NetBIOS name service scanner
hping3 hping3 -S -p 80 192.168.1.1 Network probing and testing tool
masscan masscan -p1-65535 192.168.1.1 --rate=1000 High-speed port scanner
fping fping -g 192.168.1.0/24 Fast parallel ping scanner
dnsenum dnsenum example.com DNS enumeration tool
dnsrecon dnsrecon -d example.com DNS reconnaissance tool
theHarvester theHarvester -d example.com -b google Email/domain reconnaissance
snmpwalk snmpwalk -v2c -c public 192.168.1.1 SNMP enumeration tool
onesixtyone onesixtyone -c community.txt 192.168.1.0/24 SNMP scanner
metasploit msfconsole -q -x "use auxiliary/scanner/portscan/tcp" Network exploitation framework
patator patator ssh_login host=192.168.1.1 user=root password=FILE0 0=passwords.txt Multi-purpose brute-forcer
crackmapexec crackmapexec smb 192.168.1.0/24 -u admin -p password Network penetration testing tool
๐Ÿ“Š Traffic Analysis (10)
Command Sample Usage Explanation
tcpdump tcpdump -i eth0 port 80 -w capture.pcap Packet capture and analysis
wireshark wireshark -k -i eth0 Graphical packet analyzer
tshark tshark -i eth0 -f "tcp port 443" Wireshark command-line version
ngrep ngrep -q -W byline "password" port 21 Network grep for matching patterns
iftop iftop -i eth0 -n Displays bandwidth usage
nethogs nethogs eth0 Per-process bandwidth monitoring
bmon bmon -p eth0 Bandwidth monitor and rate estimator
iptraf-ng iptraf-ng -i eth0 Interactive network monitoring
tcptrack tcptrack -i eth0 TCP connection monitoring
driftnet driftnet -i eth0 Captures and displays images from traffic
๐Ÿ“ถ Wireless Network Commands (10)
Command Sample Usage Explanation
iwconfig iwconfig wlan0 Wireless interface configuration
iwlist iwlist wlan0 scan Wireless scanning utility
airmon-ng airmon-ng start wlan0 Enables monitor mode
airodump-ng airodump-ng wlan0mon Wireless packet capture
aireplay-ng aireplay-ng --deauth 10 -a BSSID wlan0mon Wireless attack tool
aircrack-ng aircrack-ng capture.cap -w wordlist.txt WEP/WPA cracker
wash wash -i wlan0mon WPS scanner
reaver reaver -i wlan0mon -b BSSID -vv WPS PIN brute force
bully bully wlan0mon -b BSSID Alternative WPS attack tool
wavemon wavemon Wireless monitoring tool
๐ŸŒ DNS & Web Commands (10)
Command Sample Usage Explanation
host host example.com 8.8.8.8 DNS lookup utility
httrack httrack http://example.com -O /path Website copier
nikto nikto -h http://example.com Web server scanner
sqlmap sqlmap -u "http://test.com?id=1" --dbs SQL injection tool
whatweb whatweb example.com Web technology identifier
gobuster gobuster dir -u http://example.com -w wordlist.txt Directory/URL brute-forcer
dirb dirb http://example.com Web content scanner
wfuzz wfuzz -c -z file,wordlist.txt --hc 404 http://example.com/FUZZ Web application brute-forcer
subfinder subfinder -d example.com Subdomain discovery tool
amass amass enum -d example.com Attack surface mapping
๐Ÿ”ฅ Firewall & Security (10)
Command Sample Usage Explanation
iptables iptables -A INPUT -p tcp --dport 22 -j ACCEPT Linux firewall configuration
ufw ufw allow 22/tcp Uncomplicated firewall
nftables nft add rule ip filter input tcp dport 22 accept Modern Linux firewall
netsh (Windows) netsh advfirewall show allprofiles Windows firewall management
fail2ban-client fail2ban-client status sshd Intrusion prevention system
ss ss -tulnp Socket statistics (modern netstat)
lsof lsof -i :80 Lists open files and network connections
tcpkill tcpkill -9 host 192.168.1.100 Kills TCP connections
knock knock -v host 1234 2345 3456 Port knocking utility
sockstat sockstat -4 Lists open sockets (BSD)
๐Ÿšช Remote Access & Tunneling (10)
Command Sample Usage Explanation
ssh ssh -p 2222 user@host Secure shell client
scp scp file.txt user@host:/path Secure file copy
sftp sftp user@host Secure FTP
rsync rsync -avz /local user@host:/remote Remote file synchronization
telnet telnet host 25 Unencrypted remote access (insecure)
nc / netcat nc -lvnp 4444 Network Swiss army knife
ncat ncat --ssl -lvnp 443 Improved netcat from nmap
socat socat TCP-LISTEN:80,fork TCP:192.168.1.100:80 Multipurpose relay tool
autossh autossh -M 0 -N -L 8080:localhost:80 user@host Automatically restarts SSH sessions
sshuttle sshuttle -r user@host 0.0.0.0/0 Transparent proxy VPN over SSH
๐Ÿ› ๏ธ Network Diagnostics (10)
Command Sample Usage Explanation
mtr mtr -n google.com Combines ping and traceroute
pathping pathping google.com Windows route/ping combination
tcptraceroute tcptraceroute -p 443 google.com Traceroute using TCP packets
nping nping --tcp -p 80 google.com Network packet generation tool
iperf3 iperf3 -s (server)
iperf3 -c host (client)		 Network bandwidth measurement
ethtool ethtool eth0 Network interface configuration
speedtest-cli speedtest-cli --simple Command-line speed test
vnstat vnstat -i eth0 -l Network traffic monitoring
netperf netperf -H host -t TCP_STREAM Network performance testing
smokeping smokeping google.com Network latency monitoring
๐Ÿ›ก๏ธ VPN & Tunneling (10)
Command Sample Usage Explanation
openvpn openvpn --config client.ovpn VPN client software
wireguard wg-quick up wg0 Modern VPN solution
pppd pppd call vpn-connection Point-to-Point Protocol daemon
ipsec ipsec start IPsec VPN implementation
stunnel stunnel config.conf SSL tunneling program
sshuttle sshuttle -r user@host 0.0.0.0/0 VPN over SSH
zerotier-cli zerotier-cli join NETWORK_ID ZeroTier VPN client
tinc tincd -n VPNNAME Mesh VPN daemon
openconnect openconnect vpn.example.com Cisco AnyConnect compatible client
softether vpncmd /SERVER vpn.example.com Multi-protocol VPN software
โ˜๏ธ Cloud & Container Networking (10)
Command Sample Usage Explanation
aws-cli aws ec2 describe-instances AWS cloud management
gcloud gcloud compute instances list Google Cloud management
az az vm list Azure CLI
docker docker network ls Container networking
kubectl kubectl get services Kubernetes networking
terraform terraform plan Infrastructure as code
ansible ansible all -m ping Network automation
pulumi pulumi up Cloud infrastructure management
vagrant vagrant up Virtual network environments
packer packer build template.json Network image builder

Network Command Reference | Bookmark for quick access