Efficient CLI Tools for DevOps
Introduction
DevOps engineers are responsible for managing and automating the development and deployment processes. They need efficient tools to streamline their tasks and increase productivity. CLI tools are essential for DevOps engineers to streamline their tasks and improve efficiency. In this blog post, we will explore some of the most powerful and useful command-line interface (CLI) tools that every DevOps engineer should have in their toolkit.
CLI Tools
Shells
https://www.gnu.org/software/bash/
GNU Bash: - is an sh-compatible shell that incorporates useful features from the Korn shell and C shell.https://www.zsh.org/
Zsh: - is a shell designed for interactive use, although it is also a powerful scripting language.https://tcl-lang.org/
tclsh: - is a very powerful cross-platform shell, suitable for a huge range of uses.https://github.com/Bash-it/bash-it
bash-it: - is a framework for using, developing and maintaining shell scripts and custom commands.https://ohmyz.sh/
Oh My ZSH!: - is the best framework for managing your Zsh configuration.https://github.com/oh-my-fish/oh-my-fish
Oh My Fish: - the Fishshell framework.https://github.com/starship/starship
Starship: - the cross-shell prompt written in Rust.https://github.com/romkatv/powerlevel10k
powerlevel10k: - is a fast reimplementation of Powerlevel9k ZSH theme.
Shell plugins
https://github.com/rupa/z
z: - tracks the folder you use the most and allow you to jump, without having to type the whole path.https://github.com/junegunn/fzf
fzf: - is a general-purpose command-line fuzzy finder.https://github.com/zsh-users/zsh-autosuggestions
zsh-autosuggestions: - Fish-like autosuggestions for Zsh.https://github.com/zsh-users/zsh-syntax-highlighting
zsh-syntax-highlighting: - Fish shell like syntax highlighting for Zsh.https://github.com/unixorn/awesome-zsh-plugins
Awesome ZSH Plugins: - A list of frameworks, plugins, themes and tutorials for ZSH.
Managers
https://midnight-commander.org/
Midnight Commander: - is a visual file manager, licensed under GNU General Public License.https://github.com/ranger/ranger
ranger: - is a VIM-inspired filemanager for the console.https://github.com/jarun/nnn
nnn: - is a tiny, lightning fast, feature-packed file manager.https://www.gnu.org/software/screen/
screen: - is a full-screen window manager that multiplexes a physical terminal.https://github.com/tmux/tmux/wiki
tmux: - is a terminal multiplexer, lets you switch easily between several programs in one terminal.https://github.com/peikk0/tmux-cssh
tmux-cssh: - is a tool to set comfortable and easy to use functionality, clustering and synchronizing tmux-sessions.
Text editors
http://ex-vi.sourceforge.net/
vi: - is one of the most common text editors on Unix.https://www.vim.org/
vim: - is a highly configurable text editor.https://www.gnu.org/software/emacs/
emacs: - is an extensible, customizable, free/libre text editor, and more.https://github.com/zyedidia/micro
micro: - is a modern and intuitive terminal-based text editor.https://neovim.io/
neovim: - is a free open source, powerful, extensible and usable code editor.https://www.spacemacs.org/
spacemacs: - a community-driven Emacs distribution.https://spacevim.org/
spacevim: - a community-driven vim distribution.
Files and directories
https://github.com/sharkdp/fd
fd: - is a simple, fast and user-friendly alternative to find.https://dev.yorhel.nl/ncdu
ncdu: - is an easy to use, fast disk usage analyzer.
Network
https://www.putty.org/
PuTTY: - is an SSH and telnet client, developed originally by Simon Tatham.https://mosh.org/
Mosh: - is a SSH wrapper designed to keep a SSH session alive over a volatile connection.https://eternalterminal.dev/
Eternal Terminal: - enables mouse-scrolling and tmux commands inside the SSH session.https://nmap.org/
nmap: - is a free and open source (license) utility for network discovery and security auditing.https://github.com/zmap/zmap
zmap: - is a fast single packet network scanner designed for Internet-wide network surveys.https://github.com/RustScan/RustScan
Rust Scan: - to find all open ports faster than Nmap.https://github.com/robertdavidgraham/masscan
masscan: - is the fastest Internet port scanner, spews SYN packets asynchronously.https://github.com/gvb84/pbscan
pbscan: - is a faster and more efficient stateless SYN scanner and banner grabber.http://www.hping.org/
hping: - is a command-line oriented TCP/IP packet assembler/analyzer.https://github.com/traviscross/mtr
mtr: - is a tool that combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single tool.https://github.com/mehrdadrad/mylg
mylg: - utility which combines the functions of the different network probes in one diagnostic tool.http://netcat.sourceforge.net/
netcat: - utility which reads and writes data across network connections, using the TCP/IP protocol.http://www.dest-unreach.org/socat/
socat: - utility which transfers data between two objects.https://www.tcpdump.org/
tcpdump: - is a powerful command-line packet analyzer.https://www.wireshark.org/docs/man-pages/tshark.html
tshark: - is a tool that allows us to dump and analyze network traffic (wireshark cli).https://termshark.io/
Termshark: - is a simple terminal user-interface for tshark.https://github.com/jpr5/ngrep
ngrep: - is like GNU grep applied to the network layer.http://netsniff-ng.org/
netsniff-ng: - is a Swiss army knife for your daily Linux network plumbing if you will.https://github.com/mechpen/sockdump
sockdump: - dump unix domain socket traffic.https://github.com/google/stenographer
stenographer: - is a packet capture solution which aims to quickly spool all packets to disk.https://github.com/sachaos/tcpterm
tcpterm: - visualize packets in TUI.https://github.com/tgraf/bmon
bmon: - is a monitoring and debugging tool to capture networking related statistics and prepare them visually.http://iptraf.seul.org/2.6/manual.html#installation
iptraf-ng: - is a console-based network monitoring program for Linux that displays information about IP traffic.https://github.com/vergoh/vnstat
vnstat: - is a network traffic monitor for Linux and BSD.https://iperf.fr/
iPerf3: - is a tool for active measurements of the maximum achievable bandwidth on IP networks.https://github.com/Microsoft/Ethr
ethr: - is a Network Performance Measurement Tool for TCP, UDP & HTTP.https://github.com/jwbensley/Etherate
Etherate: - is a Linux CLI based Ethernet and MPLS traffic testing tool.https://github.com/mpolden/echoip
echoip: - is a IP address lookup service.https://github.com/troglobit/nemesis
Nemesis: - packet manipulation CLI tool; craft and inject packets of several protocols.https://github.com/packetfu/packetfu
packetfu: - a mid-level packet manipulation library for Ruby.https://scapy.net/
Scapy: - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.https://github.com/SecureAuthCorp/impacket
impacket: - is a collection of Python classes for working with network protocols.https://github.com/arthepsy/ssh-audit
ssh-audit: - is a tool for SSH server auditing.https://aria2.github.io/
aria2: - is a lightweight multi-protocol & multi-source command-line download utility.https://github.com/x-way/iptables-tracer
iptables-tracer: - observe the path of packets through the iptables chains.https://github.com/proabiral/inception
inception: - a highly configurable tool to check for whatever you like against any number of hosts.https://mremoteng.org/
mRemoteNG: - a fork of mRemote, multi-tabbed PuTTy on steroids!
Network (DNS)
https://github.com/farrokhi/dnsdiag
dnsdiag: - is a DNS diagnostics and performance measurement tools.https://github.com/mschwager/fierce
fierce: - is a DNS reconnaissance tool for locating non-contiguous IP space.https://github.com/subfinder/subfinder
subfinder: - is a subdomain discovery tool that discovers valid subdomains for websites.https://github.com/aboul3la/Sublist3r
sublist3r: - is a fast subdomains enumeration tool for penetration testers.https://github.com/OWASP/Amass
amass: - is tool that obtains subdomain names by scraping data sources, crawling web archives, and more.https://github.com/google/namebench
namebench: - provides personalized DNS server recommendations based on your browsing history.https://github.com/blechschmidt/massdns
massdns: - is a high-performance DNS stub resolver for bulk lookups and reconnaissance.https://github.com/guelfoweb/knock
knock: - is a tool to enumerate subdomains on a target domain through a wordlist.https://github.com/DNS-OARC/dnsperf
dnsperf: - DNS performance testing tools.https://github.com/jedisct1/dnscrypt-proxy
dnscrypt-proxy 2: - a flexible DNS proxy, with support for encrypted DNS protocols.https://github.com/dnsdb/dnsdbq
dnsdbq: - API client providing access to passive DNS database systems.https://github.com/looterz/grimd
grimd: - fast dns proxy, built to black-hole internet advertisements and malware servers.https://github.com/elceef/dnstwist
dnstwist: - detect typosquatters, phishing attacks, fraud, and brand impersonation.
Network (HTTP)
https://curl.haxx.se/
curl: - is a command line tool and library for transferring data with URLs.https://gitlab.com/davidjpeacock/kurly
kurly: - is an alternative to the widely popular curl program, written in Golang.https://github.com/jakubroztocil/httpie
HTTPie: - is an user-friendly HTTP client.https://github.com/asciimoo/wuzz
wuzz: - is an interactive cli tool for HTTP inspection.https://github.com/summerwind/h2spec
h2spec: - is a conformance testing tool for HTTP/2 implementation.https://github.com/gildasio/h2t
h2t: - is a simple tool to help sysadmins to hardening their websites.https://github.com/trimstray/htrace.sh
htrace.sh: - is a simple Swiss Army knife for http/https troubleshooting and profiling.https://github.com/reorx/httpstat
httpstat: - is a tool that visualizes curl statistics in a way of beauty and clarity.https://github.com/gchaincl/httplab
httplab: - is an interactive web server.https://lynx.browser.org/
Lynx: - is a text browser for the World Wide Web.https://github.com/browsh-org/browsh/
Browsh: - is a fully interactive, real-time, and modern text-based browser.https://github.com/dhamaniasad/HeadlessBrowsers
HeadlessBrowsers: - a list of (almost) all headless web browsers in existence.https://httpd.apache.org/docs/2.4/programs/ab.html
ab: - is a single-threaded command line tool for measuring the performance of HTTP web servers.https://www.joedog.org/siege-home/
siege: - is an http load testing and benchmarking utility.https://github.com/wg/wrk
wrk: - is a modern HTTP benchmarking tool capable of generating significant load.https://github.com/giltene/wrk2
wrk2: - is a constant throughput, correct latency recording variant of wrk.https://github.com/tsenart/vegeta
vegeta: - is a constant throughput, correct latency recording variant of wrk.https://github.com/codesenberg/bombardier
bombardier: - is a fast cross-platform HTTP benchmarking tool written in Go.https://github.com/cmpxchg16/gobench
gobench: - http/https load testing and benchmarking tool.https://github.com/rakyll/hey
hey: - HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom.https://github.com/tarekziade/boom
boom: - is a script you can use to quickly smoke-test your web app deployment.https://github.com/shekyan/slowhttptest
SlowHTTPTest: - is a tool that simulates some Application Layer Denial of Service attacks by prolonging HTTP.https://github.com/OJ/gobuster
gobuster: - is a free and open source directory/file & DNS busting tool written in Go.https://github.com/ssllabs/ssllabs-scan
ssllabs-scan: - command-line reference-implementation client for SSL Labs APIs.https://github.com/mozilla/http-observatory
http-observatory: - Mozilla HTTP Observatory cli version.https://hurl.dev
Hurl: - is a command line tool to run and test HTTP requests with plain text.
SSL
https://www.openssl.org/
openssl: - is a robust, commercial-grade, and full-featured toolkit for the TLS and SSL protocols.https://gnutls.org/manual/html_node/gnutls_002dcli-Invocation.html
gnutls-cli: - client program to set up a TLS connection to some other computer.-
https://github.com/nabla-c0d3/sslyze
sslyze-
- fast and powerful SSL/TLS server scanning library.
https://github.com/rbsec/sslscan
sslscan: - tests SSL/TLS enabled services to discover supported cipher suites.https://github.com/drwetter/testssl.sh
testssl.sh: - testing TLS/SSL encryption anywhere on any port.https://github.com/mozilla/cipherscan
cipherscan: - a very simple way to find out which SSL ciphersuites are supported by a target.http://www.tarsnap.com/spiped.html
spiped: - is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.https://github.com/certbot/certbot
Certbot: - is EFF’s tool to obtain certs from Let’s Encrypt and (optionally) auto-enable HTTPS on your server.https://github.com/FiloSottile/mkcert
mkcert: - simple zero-config tool to make locally trusted development certificates with any names you’d like.https://github.com/square/certstrap
certstrap: - tools to bootstrap CAs, certificate requests, and signed certificates.https://github.com/yassineaboukir/sublert
Sublert: - is a security and reconnaissance tool to automatically monitor new subdomains.https://github.com/trimstray/mkchain
mkchain: - open source tool to help you build a valid SSL certificate chain.https://github.com/Matty9191/ssl-cert-check
ssl-cert-check: - SSL Certification Expiration Checker.
Security
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/ch-selinux
SELinux: - provides a flexible Mandatory Access Control (MAC) system built into the Linux kernel.https://wiki.ubuntu.com/AppArmor
AppArmor: - proactively protects the operating system and applications from external or internal threats.https://github.com/grapheneX/grapheneX
grapheneX: - Automated System Hardening Framework.https://github.com/dev-sec/
DevSec Hardening Framework: - Security + DevOps: Automatic Server Hardening.
Auditing Tools
https://www.ossec.net/
ossec: - actively monitoring all aspects of system activity with file integrity monitoring.https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/chap-system_auditing
auditd: - provides a way to track security-relevant information on your system.https://www.nongnu.org/tiger/
Tiger: - is a security tool that can be use both as a security audit and intrusion detection system.https://cisofy.com/lynis/
Lynis: - battle-tested security tool for systems running Linux, macOS, or Unix-based operating system.https://github.com/rebootuser/LinEnum
LinEnum: - scripted Local Linux Enumeration & Privilege Escalation Checks.https://github.com/installation/rkhunter
Rkhunter: - scanner tool for Linux systems that scans backdoors, rootkits and local exploits on your systems.https://github.com/hasherezade/pe-sieve
PE-sieve: - is a light-weight tool that helps to detect malware running on the system.https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite
PEASS: - privilege escalation tools for Windows and Linux/Unix and MacOS.
System Diagnostics/Debuggers
https://github.com/strace/strace
strace: - diagnostic, debugging and instructional userspace utility for Linux.http://dtrace.org/blogs/about/
DTrace: - is a performance analysis and troubleshooting tool.https://en.wikipedia.org/wiki/Ltrace
ltrace: - is a library call tracer, used to trace calls made by programs to library functions.https://github.com/brainsmoke/ptrace-burrito
ptrace-burrito: - is a friendly wrapper around ptrace.https://github.com/brendangregg/perf-tools
perf-tools: - performance analysis tools based on Linux perf_events (aka perf) and ftrace.https://github.com/iovisor/bpftrace
bpftrace: - high-level tracing language for Linux eBPF.https://github.com/draios/sysdig
sysdig: - system exploration and troubleshooting tool with first class support for containers.http://www.valgrind.org/
Valgrind: - is an instrumentation framework for building dynamic analysis tools.https://github.com/gperftools/gperftools
gperftools: - high-performance multi-threaded malloc() implementation, plus some performance analysis tools.https://nicolargo.github.io/glances/
glances: - cross-platform system monitoring tool written in Python.https://github.com/hishamhm/htop
htop: - interactive text-mode process viewer for Unix systems. It aims to be a better ‘top’.https://github.com/aristocratos/bashtop
bashtop: - Linux resource monitor written in pure Bash.http://nmon.sourceforge.net/pmwiki.php
nmon: - a single executable for performance monitoring and data analysis.https://www.atoptool.nl/
atop: - ASCII performance monitor. Includes statistics for CPU, memory, disk, swap, network, and processes.https://en.wikipedia.org/wiki/Lsof
lsof: - displays in its output information about files that are opened by processes.http://www.brendangregg.com/flamegraphs.html
FlameGraph: - stack trace visualizer.https://github.com/zevv/lsofgraph
lsofgraph: - convert Unix lsof output to a graph showing FIFO and UNIX interprocess communication.https://github.com/mozilla/rr
rr: - is a lightweight tool for recording, replaying and debugging execution of applications.https://pcp.io/index.html
Performance Co-Pilot: - a system performance analysis toolkit.https://github.com/sharkdp/hexyl
hexyl: - a command-line hex viewer.https://github.com/p403n1x87/austin
Austin: - Python frame stack sampler for CPython.
Log Analyzers
https://github.com/rcoh/angle-grinder
angle-grinder: - slice and dice log files on the command line.https://lnav.org
lnav: - log file navigator with search and automatic refresh.https://goaccess.io/
GoAccess: - real-time web log analyzer and interactive viewer that runs in a terminal.https://github.com/lebinh/ngxtop
ngxtop: - real-time metrics for nginx server.
Databases
https://github.com/xo/usql
usql: - universal command-line interface for SQL databases.https://github.com/dbcli/pgcli
pgcli: - postgres CLI with autocompletion and syntax highlighting.https://github.com/dbcli/mycli
mycli: - terminal client for MySQL with autocompletion and syntax highlighting.https://github.com/dbcli/litecli
litecli: - SQLite CLI with autocompletion and syntax highlighting.https://github.com/dbcli/mssql-cli
mssql-cli: - SQL Server CLI with autocompletion and syntax highlighting.https://github.com/osquery/osquery
OSQuery: - is a SQL powered operating system instrumentation, monitoring, and analytics framework.https://github.com/ankane/pgsync
pgsync: - sync data from one Postgres database to another.https://github.com/laixintao/iredis
iredis: - a terminal client for redis with autocompletion and syntax highlighting.https://www.schemacrawler.com/diagramming.html
SchemaCrawler: - generates an E-R diagram of your database.
TOR
https://github.com/GouveaHeitor/nipe
Nipe: - script to make Tor Network your default gateway.https://github.com/trimstray/multitor
multitor: - a tool that lets you create multiple TOR instances with a load-balancing.
Messengers/IRC Clients
https://irssi.org
Irssi: - is a free open source terminal based IRC client.https://weechat.org/
WeeChat: - is an extremely extensible and lightweight IRC client.
Productivity
https://taskwarrior.org
taskwarrior: - task management system, todo list
Other
https://github.com/skx/sysadmin-util
sysadmin-util: - tools for Linux/Unix sysadmins.http://inotify.aiken.cz/
incron: - is an inode-based filesystem notification technology.https://github.com/axkibe/lsyncd
lsyncd: - synchronizes local directories with remote targets (Live Syncing Daemon).https://github.com/rgburke/grv
GRV: - is a terminal based interface for viewing Git repositories.https://jonas.github.io/tig/
Tig: - text-mode interface for Git.https://github.com/tldr-pages/tldr
tldr: - simplified and community-driven man pages.https://github.com/mholt/archiver
archiver: - easily create and extract .zip, .tar, .tar.gz, .tar.bz2, .tar.xz, .tar.lz4, .tar.sz, and .rar.https://github.com/tj/commander.js
commander.js: - minimal CLI creator in JavaScript.https://github.com/tomnomnom/gron
gron: - make JSON greppable!https://github.com/itchyny/bed
bed: - binary editor written in Go.
Reference
https://github.com/trimstray/the-book-of-secret-knowledge
https://github.com/stars/j178/lists/modern-cli