Skip to Main Content
September 19, 2024

Console Cowboys: Navigating the Modern Terminal Frontier

Written by Martin Bos
Security Testing & Analysis

In our little niche corner of technology, it’s hard not to get excited about all the new command line interface (CLI) tools popping up all the time. I decided to make this blog post because recently, I had to get back into a lot of command line development stuff, and I found a few really cool new CLI tools. I showed a few teammates in Vegas this year, and based on the interest, I decided to showcase some of the stuff I use in my daily life. Along with a few other tooIs that I have been using for many years, these simple, well done CLI tools have completely changed the way I approach my work, making everything faster, smoother, and more efficient.

These CLI tools aren’t the traditional hacking utilities that you would normally see in a TrustedSec blog post. These are utilities that increase productivity. Many of these tools streamline the clunky ways we’ve been doing things for years. Learning to navigate your system with speed and precision, even if it’s not directly hacking-related, will always make you a more efficient consultant. The ability to zip through directories, automate tasks, and manipulate files effortlessly gives you an edge on any engagement. Plus, let’s be real: there’s something undeniably cool about clean, colorized, and properly formatted screenshots when you’re showing off your l33t hax. It's like someone finally decided to build the tools we’ve always wanted.

But here’s the thing: as rad as some of these CLI tools are, they’re not always an option. A lot of the time, we find ourselves working on systems where these modern languages just don’t exist. That’s why, even though the new, new shiny is great, it’s important not to rely on them too much until you’ve mastered the old-school commands they’re replacing. You should understand the basics of what really happening under the hood, no matter what kind of system you’re up against.

Whether you’re deep into hacking or just love tinkering with your system, I think you’ll appreciate how these tools can enhance your workflow. They’re not just about getting the job done, they’re about doing it with style and precision. There’s something deeply satisfying about navigating your environment with a few well-placed commands. I’ve always believed that the right setup on your machine can make all the difference, so, in this post, I’m sharing the tools that have made a real impact on how I work, hoping they might inspire you to take your command line game to the next level too.

I am making a few assumptions here:

  1. You are familiar with the command line
  2. You are on some flavor of Unix/Linux (I don’t use Arch by the way)
  3. Homebrew is installed or you know how to use your own system package manager
  4. My shell is ZSH—you can figure your syntax out if it's something else

1. tldr

tldr is designed to provide concise explanations and practical examples for common command-line tools and operations. Instead of wading through lengthy man page documentation, you get a quick overview of what a command does and how to use it effectively. Let's have a look at a traditional man page.

It's fine, but it could be better, right?

brew install tldr

The output is much nicer with coloring and examples.

2. cheat

Another tool in the same spirit as tldr is cheat, which has a large database of user-submitted “example commands,” i.e., cheats. When you use cheat, you can quickly pull up a cheat sheet that gives you the most commonly used options and examples for a command. Whether you're working with unfamiliar tools or just need a quick syntax refresher, cheat helps you use your tools more efficiently, making it an essential resource for testers.

Brew install cheat

3. bat

Let's face it, cat is not that great.

Pretty boring. The main things I am missing here that would be useful are line numbers and syntax highlighting. Enter bat.

brew install bat

Let's have a look with bat.

Now that’s the kind of output I am looking for. Let's see how Python looks.

Now of course you can go with the traditional man bat if you want to memorize all the flags and stuff, but that’s the old school way. Let's check our new tldr utility.

These are some great examples of things you can do! The one I use the most in my daily life is the –show-all command, which can be helpful in tracking down non-printable characters in code and wordlists or debugging command line file inputs.

4. lsd

This little tool enhances the old-school ls command with colors and icons to bring the terminal a bit more into the 21st century. The output is just cooler, and that’s what really matters.

Brew install lsd

Let's check tldr and see if there are any helpful examples.

5. Atuin

This might be my favorite of all the utilities I am mentioning here. Atuin is a really elegant way to store, search, display, and sync your command history.

Brew install atuin

I had to blur my commands, but the screenshot below shows how nicely formatted the results are.

Can you guess what I am going to do next? Check tldr.

5. Delta

Another tool I use a lot in my day-to-day life is the diff command. It's often super useful to compare files, have colorized output, and structure it in a way that makes sense. Let's check out how stock diff looks.

Not that great, right?

Brew install delta

Now, let's give Delta a whirl with the flag I use the most in everyday working, which will output the two (2) files side by side.

This is super useful to quickly see differences in small snippets of code. Check tldr for more examples, but I really only use the side-by-side flag since you get line numbers, colors, and a side-by-side comparison.

6. Fastfetch

You might be familiar with Neofetch, especially if you have any friends who use Arch. I don’t use Arch by the way. You might also have heard that Neofetch was recently placed in read-only mode and is basically dead.

You could keep rollin’ with Neofetch, but what will your hipster friends say when they see you using outdated tools? The closest 1:1 replacement I could find is Fastfetch.

Brew install fastfetch

One thing I really like to do is use my own ASCII art for that l33t custom hacker feel.

Brew install jp2a

I use jp2a to turn a .jpg into ASCII.

jp2a --size=40x20 --colors --chars='01' Trustedsec_Logo.jpg --output=Trustedsec_Logo2.ascii

…and voila!

7. bottom

Now, this one might be super subjective to the network folks out there, but oh well. Yet another system monitor, right? There are so many options like top, htop, btop, bpytop, and the list goes on—so why bother with another one? 

Well, bottomnot only looks cooler, but it's also the lightest weight on my system. It’s not just about aesthetics, though looking cool certainly has its perks. When you’re deep in the LAN, hacking away, you need every bit of RAM and CPU power you can get. Bottom excels here with a sleek, modern interface that doesn’t hog resources, unlike some of the more bloated options out there. Plus, it’s written in Rust, which means it's fast, efficient, and reliable. For me, it’s all about balancing form and function. Bottom doesn’t just monitor your system, it does so with minimal impact, leaving more of your precious resources available for the tasks that matter most.

Brew install bottom

One thing I really like about bottom is the ability to run in a basic mode for the minimalists and old guys.

8. zoxide

Zoxide is a smarter cd command that remembers the directories you visit most frequently. Unlike cd, which requires you to type out full or relative paths, zoxide uses a powerful fuzzy search to jump to frequently used directories with minimal input. It learns your habits over time, so the more you use it, the faster and more accurate it becomes. This means you can navigate complex directory structures with just a few keystrokes, making your workflow faster and more intuitive.

Brew install zoxide

9. fd

This is a modern replacement for find—the syntax makes a lot more sense to me than the traditional find command. There are a LOT of options on this tool, but the few I use the most are:

Brew install fd

Find all file types in a directory.

fd searches the current directory recursively for any entries that contain the pattern.

We can also check our two (2) helper tools for examples.

10. ripgrep

Along with blazing fast directory switching, we can also add ripgrep, which is the way grep should have worked from day one. Ripgrep uses a more efficient search algorithm and optimized code, making it significantly faster, especially in large codebases or directories with many files. Unlike grep, ripgrep automatically ignores files specified in .gitignore, making it ideal for working in version-controlled projects. Additionally, ripgrep offers modern features like recursive search by default and built-in support for searching compressed files.

Brew install ripgrep

There is also a nice tldr page for it.

11. Broot

Broot is a nice, colorized replacement for tree with the ability to navigate to and open files. While tree is great for visualizing directories, Broot takes it a step further by allowing you to navigate, search, and even manage files and directories directly within the interface. To be totally honest, I just like the colorized output and the fact that it's truncated by default. I don’t use the other features that much since I use other file finding utilities.

Brew install broot

12. fzf

Moving on with file management, fzf is a command line tool that allows for super-fast searching in the current working directory. This tool is not new but is still in active development and works exceptionally well.

Brew install fzf

Then, in your current working directory.

If you start typing any word or string, the list quickly narrows until you hopefully locate what you are looking for.

On its own, fzf is cool enough, but for me the real shine lies in the fzf-tab plugin for ZSH. Once installed, when you hit tab to tab complete, it gives a nice fzf output to navigate and choose from.

13. gping

This is pretty self-explanatory—gping is a term-based graphical ping for management presentations. Unlike the standard ping command, which outputs text-based round-trip times, gping displays this information as a dynamic graph, allowing you to visualize latency trends and fluctuations over time. This makes it easier to spot patterns, identify potential network issues, and understand the stability of your connections at a glance.

Brew install gping

14. procs

Procs is basically ps with structure and color. It's pretty much a drop-in replacement for ps and I just alias it. Unlike ps, which can be somewhat limited and cryptic, procs offers a colorful, customizable output that is easier to read and interpret. It supports features like searching, filtering, and sorting processes in real-time, making it much more powerful and flexible for monitoring system activity.

Brew install procs

15. HTTPie

In a nutshell, HTTPieis a command-line HTTP client for the API era. HTTPie allows you to quickly send HTTP requests and view responses in a clear, readable format. This makes it easier to test APIs, troubleshoot issues, and interact with web services during development. I use this one for pretty basic stuff, but it still deserves an honorable mention.

Brew install httpie 

Check tldr for some examples to get us started.

16. dust

Like du but more intuitive, dust is a tool for managing disk usage, providing a clear, visual representation of your filesystem. It allows you to quickly identify large directories and files, helping to optimize space and improve system performance. If I am being honest, I don’t use this one that much, but it is helpful when tracking down files that are hogging disk space.

Brew install dust

17. speedtest-cli

There isn't a lot to say about this one, but a terminal-only speedtest-cli is useful for testing performance in headless environments, ensuring VPNs aren’t degrading speeds and troubleshooting latency issues that impact real-time monitoring. It’s also valuable for establishing network baselines to detect anomalies, automating speed tests in scripts for continuous monitoring, and operating in secure, resource-constrained environments. Additionally, it’s useful for assessing network reliability at remote sites. It’s a super-fast way to check your connection speed in a terminal-only situation.

Brew install speedtest-cli

18. Putting it all together

Some of these tools I alias over the old command, like fd and lsd, but for some of the tools like dust, I use the defaults. If you are interested in how I alias some of this stuff, here is a snippet from my .zshrc file.

 #muh stuff
#---
#first off gotta look cool 
alias fetch="fastfetch -l ~/.dotfiles/logos/TSLogo.ascii"

#Open nnn file manager in current folder
alias ll='nnn -de'

#LSDelux, what more needs to be said
alias ls='lsd -Flh'

#To many editors is dumb, conform
alias vim='nvim'
alias vi='nvim'
alias nano='nvim'

#edit and reload my file super l33t and fast
alias zshr="source ~/.zshrc"
alias zshe="nvim ~/.zshrc"

#Directory browsing 
eval "$(zoxide init zsh)"
#alias cd="z"
alias diff="delta --side-by-side"
eval "$(fzf --zsh)"

#system tools
alias sysmon="btm --theme=gruvbox"
alias ps="procs"
alias tree="broot"
source /Users/martinbos/.config/broot/launcher/bash/br

#fat finger helper
eval $(thef*** --alias)

#Shell command history
eval "$(atuin init zsh)"

#Prompt
eval "$(oh-my-posh init zsh --config ~/.oh_my_posh/themes/hul10.omp.json)"

One point I do want to drive home is that while it's exciting to explore and utilize the latest command line tools, it's important to recognize that as consultants, we often find ourselves working with legacy systems that offer limited commands and lack the flexibility to install our own tools. These environments demand a deep understanding of the fundamental tools and techniques that have been in use for decades. Before embracing the newest innovations, it's crucial to master the traditional tools they aim to replace. By doing so, you not only become a more versatile and resourceful consultant, but you also ensure that you're fully equipped to handle any situation, regardless of how outdated or restricted the system might be. The ability to fall back on tried-and-true methods is invaluable in this field, where adaptability and a solid grasp of the basics can make all the difference in delivering effective and impactful assessments.