O'Reilly logo
live online training icon Live Online training

Rapid CyberOps

Attack, Defend, and Analyze using the Command Line

Paul Troncone
Carl Albing

Security professionals have many choices for operations and incident response software applications, but none of these tools can match the availability, flexibility, and agility of the command line. The standard command line, especially bash, continues to be an invaluable asset for conducting cybersecurity operations. Many tools of the trade such as Metasploit, Nmap, and Snort require command line proficiency simply to use them. During penetration testing, your only option may be to use a command line interface when interacting with a target system, particularly in the early stages of an intrusion. By learning to master the command line you will be able to rapidly create and prototype complex capabilities with as little as a single line of pipelined commands.

What you'll learn-and how you can apply it

By the end of this live, hands-on, online course, you’ll understand:

  • Why the command line is a critical skill for cybersecurity practitioners
  • Options for running commands and scripts in Linux and Windows
  • How to leverage the command line to analyze data and defend information systems
  • Using bash to enhance the command line and expand your toolkit

And you’ll be able to:

  • Run commands across platforms
  • Create one-liners to search for and analyze data
  • Develop scripts to automate cybersecurity tasks

This training course is for you because...

  • You are a network administrator
  • You are a cybersecurity practitioners looking to develop skills in the command line and bash
  • You are a student studying cybersecurity


  • Simple command line exposure (commands, i/o redirection, pipeline of commands)
  • Rudimentary cybersecurity concepts

Recommended preparation:

  • Windows 10 users should install “git” on their system, thereby installing git bash. Linux users are good to go.

Recommended follow-up:

About your instructor

  • Paul Troncone has 20 years of experience in the cybersecurity and information technology fields. In 2009, Paul founded the Digadel Corporation, where he performs independent cybersecurity consulting and software development. He holds a Bachelor of Arts in computer science from Pace University, an MS in computer science from the Tandon School of Engineering at New York University (formerly Polytechnic University), and is a Certified Information Systems Security Professional. Paul has served in a variety of roles, including as a vulnerability analyst, software developer, penetration tester, and college professor.

  • Carl Albing is a teacher, researcher, and software engineer with a breadth of industry experience. A coauthor of bash Cookbook (O’Reilly), he has worked in software for companies large and small, across a variety of software industries. He has a BA in mathematics, a Masters in International Management (MIM), and a PhD in computer science. He has recently spent time in academia as a Distinguished Visiting Professor in the Department of Computer Science at the US Naval Academy, where he taught courses on programming languages, compilers, high-performance computing, and advanced shell scripting. He is currently a research professor in the Data Science and Analytics Group at the Naval Postgraduate School.


The timeframes are only estimates and may vary according to how the class is progressing

Introduction (5 Minutes)

  • Presentation:
  • Overview
  • Cybersecurity and the command line
  • Running commands across platforms

Analyze (40 minutes)

  • Presentation:
  • One-Liners - Slicing and dicing data with the command line
  • Scripts - Detecting anomalies and displaying information
  • Exercises
  • Q&A

Defend (45 minutes)

  • Presentation:
  • One-Liners - Searching for data and activity
  • Scripts - Baseline creation and comparisons
  • Exercises
  • Q&A
  • Break (5 minutes)

Attack (30 minutes)

  • Presentation:
  • Script obfuscation
  • Sockets and the one-line backdoor
  • Q&A