Skip to content

Efficient CLI Tools for DevOps

homepage-banner

Introduction

DevOps engineers are responsible for managing and automating the development and deployment processes. They need efficient tools to streamline their tasks and increase productivity. CLI tools are essential for DevOps engineers to streamline their tasks and improve efficiency. In this blog post, we will explore some of the most powerful and useful command-line interface (CLI) tools that every DevOps engineer should have in their toolkit.

CLI Tools

Shells

  • https://www.gnu.org/software/bash/ GNU Bash: - is an sh-compatible shell that incorporates useful features from the Korn shell and C shell.
  • https://www.zsh.org/ Zsh: - is a shell designed for interactive use, although it is also a powerful scripting language.
  • https://tcl-lang.org/ tclsh: - is a very powerful cross-platform shell, suitable for a huge range of uses.
  • https://github.com/Bash-it/bash-it bash-it: - is a framework for using, developing and maintaining shell scripts and custom commands.
  • https://ohmyz.sh/ Oh My ZSH!: - is the best framework for managing your Zsh configuration.
  • https://github.com/oh-my-fish/oh-my-fish Oh My Fish: - the Fishshell framework.
  • https://github.com/starship/starship Starship: - the cross-shell prompt written in Rust.
  • https://github.com/romkatv/powerlevel10k powerlevel10k: - is a fast reimplementation of Powerlevel9k ZSH theme.

Shell plugins

  • https://github.com/rupa/z z: - tracks the folder you use the most and allow you to jump, without having to type the whole path.
  • https://github.com/junegunn/fzf fzf: - is a general-purpose command-line fuzzy finder.
  • https://github.com/zsh-users/zsh-autosuggestions zsh-autosuggestions: - Fish-like autosuggestions for Zsh.
  • https://github.com/zsh-users/zsh-syntax-highlighting zsh-syntax-highlighting: - Fish shell like syntax highlighting for Zsh.
  • https://github.com/unixorn/awesome-zsh-plugins Awesome ZSH Plugins: - A list of frameworks, plugins, themes and tutorials for ZSH.

Managers

  • https://midnight-commander.org/ Midnight Commander: - is a visual file manager, licensed under GNU General Public License.
  • https://github.com/ranger/ranger ranger: - is a VIM-inspired filemanager for the console.
  • https://github.com/jarun/nnn nnn: - is a tiny, lightning fast, feature-packed file manager.
  • https://www.gnu.org/software/screen/ screen: - is a full-screen window manager that multiplexes a physical terminal.
  • https://github.com/tmux/tmux/wiki tmux: - is a terminal multiplexer, lets you switch easily between several programs in one terminal.
  • https://github.com/peikk0/tmux-cssh tmux-cssh: - is a tool to set comfortable and easy to use functionality, clustering and synchronizing tmux-sessions.

Text editors

  • http://ex-vi.sourceforge.net/ vi: - is one of the most common text editors on Unix.
  • https://www.vim.org/ vim: - is a highly configurable text editor.
  • https://www.gnu.org/software/emacs/ emacs: - is an extensible, customizable, free/libre text editor, and more.
  • https://github.com/zyedidia/micro micro: - is a modern and intuitive terminal-based text editor.
  • https://neovim.io/ neovim: - is a free open source, powerful, extensible and usable code editor.
  • https://www.spacemacs.org/ spacemacs: - a community-driven Emacs distribution.
  • https://spacevim.org/ spacevim: - a community-driven vim distribution.

Files and directories

  • https://github.com/sharkdp/fd fd: - is a simple, fast and user-friendly alternative to find.
  • https://dev.yorhel.nl/ncdu ncdu: - is an easy to use, fast disk usage analyzer.

Network

  • https://www.putty.org/ PuTTY: - is an SSH and telnet client, developed originally by Simon Tatham.
  • https://mosh.org/ Mosh: - is a SSH wrapper designed to keep a SSH session alive over a volatile connection.
  • https://eternalterminal.dev/ Eternal Terminal: - enables mouse-scrolling and tmux commands inside the SSH session.
  • https://nmap.org/ nmap: - is a free and open source (license) utility for network discovery and security auditing.
  • https://github.com/zmap/zmap zmap: - is a fast single packet network scanner designed for Internet-wide network surveys.
  • https://github.com/RustScan/RustScan Rust Scan: - to find all open ports faster than Nmap.
  • https://github.com/robertdavidgraham/masscan masscan: - is the fastest Internet port scanner, spews SYN packets asynchronously.
  • https://github.com/gvb84/pbscan pbscan: - is a faster and more efficient stateless SYN scanner and banner grabber.
  • http://www.hping.org/ hping: - is a command-line oriented TCP/IP packet assembler/analyzer.
  • https://github.com/traviscross/mtr mtr: - is a tool that combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single tool.
  • https://github.com/mehrdadrad/mylg mylg: - utility which combines the functions of the different network probes in one diagnostic tool.
  • http://netcat.sourceforge.net/ netcat: - utility which reads and writes data across network connections, using the TCP/IP protocol.
  • http://www.dest-unreach.org/socat/ socat: - utility which transfers data between two objects.
  • https://www.tcpdump.org/ tcpdump: - is a powerful command-line packet analyzer.
  • https://www.wireshark.org/docs/man-pages/tshark.html tshark: - is a tool that allows us to dump and analyze network traffic (wireshark cli).
  • https://termshark.io/ Termshark: - is a simple terminal user-interface for tshark.
  • https://github.com/jpr5/ngrep ngrep: - is like GNU grep applied to the network layer.
  • http://netsniff-ng.org/ netsniff-ng: - is a Swiss army knife for your daily Linux network plumbing if you will.
  • https://github.com/mechpen/sockdump sockdump: - dump unix domain socket traffic.
  • https://github.com/google/stenographer stenographer: - is a packet capture solution which aims to quickly spool all packets to disk.
  • https://github.com/sachaos/tcpterm tcpterm: - visualize packets in TUI.
  • https://github.com/tgraf/bmon bmon: - is a monitoring and debugging tool to capture networking related statistics and prepare them visually.
  • http://iptraf.seul.org/2.6/manual.html#installation iptraf-ng: - is a console-based network monitoring program for Linux that displays information about IP traffic.
  • https://github.com/vergoh/vnstat vnstat: - is a network traffic monitor for Linux and BSD.
  • https://iperf.fr/ iPerf3: - is a tool for active measurements of the maximum achievable bandwidth on IP networks.
  • https://github.com/Microsoft/Ethr ethr: - is a Network Performance Measurement Tool for TCP, UDP & HTTP.
  • https://github.com/jwbensley/Etherate Etherate: - is a Linux CLI based Ethernet and MPLS traffic testing tool.
  • https://github.com/mpolden/echoip echoip: - is a IP address lookup service.
  • https://github.com/troglobit/nemesis Nemesis: - packet manipulation CLI tool; craft and inject packets of several protocols.
  • https://github.com/packetfu/packetfu packetfu: - a mid-level packet manipulation library for Ruby.
  • https://scapy.net/ Scapy: - packet manipulation library; forge, send, decode, capture packets of a wide number of protocols.
  • https://github.com/SecureAuthCorp/impacket impacket: - is a collection of Python classes for working with network protocols.
  • https://github.com/arthepsy/ssh-audit ssh-audit: - is a tool for SSH server auditing.
  • https://aria2.github.io/ aria2: - is a lightweight multi-protocol & multi-source command-line download utility.
  • https://github.com/x-way/iptables-tracer iptables-tracer: - observe the path of packets through the iptables chains.
  • https://github.com/proabiral/inception inception: - a highly configurable tool to check for whatever you like against any number of hosts.
  • https://mremoteng.org/ mRemoteNG: - a fork of mRemote, multi-tabbed PuTTy on steroids!

Network (DNS)

  • https://github.com/farrokhi/dnsdiag dnsdiag: - is a DNS diagnostics and performance measurement tools.
  • https://github.com/mschwager/fierce fierce: - is a DNS reconnaissance tool for locating non-contiguous IP space.
  • https://github.com/subfinder/subfinder subfinder: - is a subdomain discovery tool that discovers valid subdomains for websites.
  • https://github.com/aboul3la/Sublist3r sublist3r: - is a fast subdomains enumeration tool for penetration testers.
  • https://github.com/OWASP/Amass amass: - is tool that obtains subdomain names by scraping data sources, crawling web archives, and more.
  • https://github.com/google/namebench namebench: - provides personalized DNS server recommendations based on your browsing history.
  • https://github.com/blechschmidt/massdns massdns: - is a high-performance DNS stub resolver for bulk lookups and reconnaissance.
  • https://github.com/guelfoweb/knock knock: - is a tool to enumerate subdomains on a target domain through a wordlist.
  • https://github.com/DNS-OARC/dnsperf dnsperf: - DNS performance testing tools.
  • https://github.com/jedisct1/dnscrypt-proxy dnscrypt-proxy 2: - a flexible DNS proxy, with support for encrypted DNS protocols.
  • https://github.com/dnsdb/dnsdbq dnsdbq: - API client providing access to passive DNS database systems.
  • https://github.com/looterz/grimd grimd: - fast dns proxy, built to black-hole internet advertisements and malware servers.
  • https://github.com/elceef/dnstwist dnstwist: - detect typosquatters, phishing attacks, fraud, and brand impersonation.

Network (HTTP)

  • https://curl.haxx.se/ curl: - is a command line tool and library for transferring data with URLs.
  • https://gitlab.com/davidjpeacock/kurly kurly: - is an alternative to the widely popular curl program, written in Golang.
  • https://github.com/jakubroztocil/httpie HTTPie: - is an user-friendly HTTP client.
  • https://github.com/asciimoo/wuzz wuzz: - is an interactive cli tool for HTTP inspection.
  • https://github.com/summerwind/h2spec h2spec: - is a conformance testing tool for HTTP/2 implementation.
  • https://github.com/gildasio/h2t h2t: - is a simple tool to help sysadmins to hardening their websites.
  • https://github.com/trimstray/htrace.sh htrace.sh: - is a simple Swiss Army knife for http/https troubleshooting and profiling.
  • https://github.com/reorx/httpstat httpstat: - is a tool that visualizes curl statistics in a way of beauty and clarity.
  • https://github.com/gchaincl/httplab httplab: - is an interactive web server.
  • https://lynx.browser.org/ Lynx: - is a text browser for the World Wide Web.
  • https://github.com/browsh-org/browsh/ Browsh: - is a fully interactive, real-time, and modern text-based browser.
  • https://github.com/dhamaniasad/HeadlessBrowsers HeadlessBrowsers: - a list of (almost) all headless web browsers in existence.
  • https://httpd.apache.org/docs/2.4/programs/ab.html ab: - is a single-threaded command line tool for measuring the performance of HTTP web servers.
  • https://www.joedog.org/siege-home/ siege: - is an http load testing and benchmarking utility.
  • https://github.com/wg/wrk wrk: - is a modern HTTP benchmarking tool capable of generating significant load.
  • https://github.com/giltene/wrk2 wrk2: - is a constant throughput, correct latency recording variant of wrk.
  • https://github.com/tsenart/vegeta vegeta: - is a constant throughput, correct latency recording variant of wrk.
  • https://github.com/codesenberg/bombardier bombardier: - is a fast cross-platform HTTP benchmarking tool written in Go.
  • https://github.com/cmpxchg16/gobench gobench: - http/https load testing and benchmarking tool.
  • https://github.com/rakyll/hey hey: - HTTP load generator, ApacheBench (ab) replacement, formerly known as rakyll/boom.
  • https://github.com/tarekziade/boom boom: - is a script you can use to quickly smoke-test your web app deployment.
  • https://github.com/shekyan/slowhttptest SlowHTTPTest: - is a tool that simulates some Application Layer Denial of Service attacks by prolonging HTTP.
  • https://github.com/OJ/gobuster gobuster: - is a free and open source directory/file & DNS busting tool written in Go.
  • https://github.com/ssllabs/ssllabs-scan ssllabs-scan: - command-line reference-implementation client for SSL Labs APIs.
  • https://github.com/mozilla/http-observatory http-observatory: - Mozilla HTTP Observatory cli version.
  • https://hurl.dev Hurl: - is a command line tool to run and test HTTP requests with plain text.

SSL

  • https://www.openssl.org/ openssl: - is a robust, commercial-grade, and full-featured toolkit for the TLS and SSL protocols.
  • https://gnutls.org/manual/html_node/gnutls_002dcli-Invocation.html gnutls-cli: - client program to set up a TLS connection to some other computer.
  • https://github.com/nabla-c0d3/sslyze sslyze
    • fast and powerful SSL/TLS server scanning library.
  • https://github.com/rbsec/sslscan sslscan: - tests SSL/TLS enabled services to discover supported cipher suites.
  • https://github.com/drwetter/testssl.sh testssl.sh: - testing TLS/SSL encryption anywhere on any port.
  • https://github.com/mozilla/cipherscan cipherscan: - a very simple way to find out which SSL ciphersuites are supported by a target.
  • http://www.tarsnap.com/spiped.html spiped: - is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.
  • https://github.com/certbot/certbot Certbot: - is EFF’s tool to obtain certs from Let’s Encrypt and (optionally) auto-enable HTTPS on your server.
  • https://github.com/FiloSottile/mkcert mkcert: - simple zero-config tool to make locally trusted development certificates with any names you’d like.
  • https://github.com/square/certstrap certstrap: - tools to bootstrap CAs, certificate requests, and signed certificates.
  • https://github.com/yassineaboukir/sublert Sublert: - is a security and reconnaissance tool to automatically monitor new subdomains.
  • https://github.com/trimstray/mkchain mkchain: - open source tool to help you build a valid SSL certificate chain.
  • https://github.com/Matty9191/ssl-cert-check ssl-cert-check: - SSL Certification Expiration Checker.

Security

  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/ch-selinux SELinux: - provides a flexible Mandatory Access Control (MAC) system built into the Linux kernel.
  • https://wiki.ubuntu.com/AppArmor AppArmor: - proactively protects the operating system and applications from external or internal threats.
  • https://github.com/grapheneX/grapheneX grapheneX: - Automated System Hardening Framework.
  • https://github.com/dev-sec/ DevSec Hardening Framework: - Security + DevOps: Automatic Server Hardening.

Auditing Tools

  • https://www.ossec.net/ ossec: - actively monitoring all aspects of system activity with file integrity monitoring.
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/chap-system_auditing auditd: - provides a way to track security-relevant information on your system.
  • https://www.nongnu.org/tiger/ Tiger: - is a security tool that can be use both as a security audit and intrusion detection system.
  • https://cisofy.com/lynis/ Lynis: - battle-tested security tool for systems running Linux, macOS, or Unix-based operating system.
  • https://github.com/rebootuser/LinEnum LinEnum: - scripted Local Linux Enumeration & Privilege Escalation Checks.
  • https://github.com/installation/rkhunter Rkhunter: - scanner tool for Linux systems that scans backdoors, rootkits and local exploits on your systems.
  • https://github.com/hasherezade/pe-sieve PE-sieve: - is a light-weight tool that helps to detect malware running on the system.
  • https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite PEASS: - privilege escalation tools for Windows and Linux/Unix and MacOS.

System Diagnostics/Debuggers

  • https://github.com/strace/strace strace: - diagnostic, debugging and instructional userspace utility for Linux.
  • http://dtrace.org/blogs/about/ DTrace: - is a performance analysis and troubleshooting tool.
  • https://en.wikipedia.org/wiki/Ltrace ltrace: - is a library call tracer, used to trace calls made by programs to library functions.
  • https://github.com/brainsmoke/ptrace-burrito ptrace-burrito: - is a friendly wrapper around ptrace.
  • https://github.com/brendangregg/perf-tools perf-tools: - performance analysis tools based on Linux perf_events (aka perf) and ftrace.
  • https://github.com/iovisor/bpftrace bpftrace: - high-level tracing language for Linux eBPF.
  • https://github.com/draios/sysdig sysdig: - system exploration and troubleshooting tool with first class support for containers.
  • http://www.valgrind.org/ Valgrind: - is an instrumentation framework for building dynamic analysis tools.
  • https://github.com/gperftools/gperftools gperftools: - high-performance multi-threaded malloc() implementation, plus some performance analysis tools.
  • https://nicolargo.github.io/glances/ glances: - cross-platform system monitoring tool written in Python.
  • https://github.com/hishamhm/htop htop: - interactive text-mode process viewer for Unix systems. It aims to be a better ‘top’.
  • https://github.com/aristocratos/bashtop bashtop: - Linux resource monitor written in pure Bash.
  • http://nmon.sourceforge.net/pmwiki.php nmon: - a single executable for performance monitoring and data analysis.
  • https://www.atoptool.nl/ atop: - ASCII performance monitor. Includes statistics for CPU, memory, disk, swap, network, and processes.
  • https://en.wikipedia.org/wiki/Lsof lsof: - displays in its output information about files that are opened by processes.
  • http://www.brendangregg.com/flamegraphs.html FlameGraph: - stack trace visualizer.
  • https://github.com/zevv/lsofgraph lsofgraph: - convert Unix lsof output to a graph showing FIFO and UNIX interprocess communication.
  • https://github.com/mozilla/rr rr: - is a lightweight tool for recording, replaying and debugging execution of applications.
  • https://pcp.io/index.html Performance Co-Pilot: - a system performance analysis toolkit.
  • https://github.com/sharkdp/hexyl hexyl: - a command-line hex viewer.
  • https://github.com/p403n1x87/austin Austin: - Python frame stack sampler for CPython.

Log Analyzers

  • https://github.com/rcoh/angle-grinder angle-grinder: - slice and dice log files on the command line.
  • https://lnav.org lnav: - log file navigator with search and automatic refresh.
  • https://goaccess.io/ GoAccess: - real-time web log analyzer and interactive viewer that runs in a terminal.
  • https://github.com/lebinh/ngxtop ngxtop: - real-time metrics for nginx server.

Databases

  • https://github.com/xo/usql usql: - universal command-line interface for SQL databases.
  • https://github.com/dbcli/pgcli pgcli: - postgres CLI with autocompletion and syntax highlighting.
  • https://github.com/dbcli/mycli mycli: - terminal client for MySQL with autocompletion and syntax highlighting.
  • https://github.com/dbcli/litecli litecli: - SQLite CLI with autocompletion and syntax highlighting.
  • https://github.com/dbcli/mssql-cli mssql-cli: - SQL Server CLI with autocompletion and syntax highlighting.
  • https://github.com/osquery/osquery OSQuery: - is a SQL powered operating system instrumentation, monitoring, and analytics framework.
  • https://github.com/ankane/pgsync pgsync: - sync data from one Postgres database to another.
  • https://github.com/laixintao/iredis iredis: - a terminal client for redis with autocompletion and syntax highlighting.
  • https://www.schemacrawler.com/diagramming.html SchemaCrawler: - generates an E-R diagram of your database.

TOR

  • https://github.com/GouveaHeitor/nipe Nipe: - script to make Tor Network your default gateway.
  • https://github.com/trimstray/multitor multitor: - a tool that lets you create multiple TOR instances with a load-balancing.

Messengers/IRC Clients

  • https://irssi.org Irssi: - is a free open source terminal based IRC client.
  • https://weechat.org/ WeeChat: - is an extremely extensible and lightweight IRC client.

Productivity

  • https://taskwarrior.org taskwarrior: - task management system, todo list

Other

  • https://github.com/skx/sysadmin-util sysadmin-util: - tools for Linux/Unix sysadmins.
  • http://inotify.aiken.cz/ incron: - is an inode-based filesystem notification technology.
  • https://github.com/axkibe/lsyncd lsyncd: - synchronizes local directories with remote targets (Live Syncing Daemon).
  • https://github.com/rgburke/grv GRV: - is a terminal based interface for viewing Git repositories.
  • https://jonas.github.io/tig/ Tig: - text-mode interface for Git.
  • https://github.com/tldr-pages/tldr tldr: - simplified and community-driven man pages.
  • https://github.com/mholt/archiver archiver: - easily create and extract .zip, .tar, .tar.gz, .tar.bz2, .tar.xz, .tar.lz4, .tar.sz, and .rar.
  • https://github.com/tj/commander.js commander.js: - minimal CLI creator in JavaScript.
  • https://github.com/tomnomnom/gron gron: - make JSON greppable!
  • https://github.com/itchyny/bed bed: - binary editor written in Go.

Reference

  • https://github.com/trimstray/the-book-of-secret-knowledge
  • https://github.com/stars/j178/lists/modern-cli
Leave a message