This project demonstrates practical Linux knowledge used in Cyber Threat Intelligence (CTI), security operations, threat hunting, incident response, network monitoring, and security automation.
Linux is widely used for security monitoring, forensic investigation, malware analysis, automation, cloud infrastructure, and cybersecurity operations. This project documents practical Linux commands, expected outputs, and security-focused use cases.
The objective is to strengthen Linux administration, monitoring, investigation, and automation skills commonly used in modern cybersecurity environments.
Basic system identification commands help determine the operating environment before beginning security analysis.
    $ cat /etc/os-release
    NAME="Ubuntu"
    VERSION="22.04.3 LTS"
    $ whoami
    amein
    $ hostname
    cti-lab
Filesystem navigation is essential for locating logs, evidence, configuration files, and security artifacts.
    $ pwd
    /home/amein
    $ ls -la
    drwxr-xr-x Documents
    drwxr-xr-x Downloads
    -rw-r--r-- report.txt
    $ mkdir cti-project
    $ touch report.txt
File permissions help control access to sensitive information and system resources.
    $ ls -l report.txt
    -rw-r--r-- 1 amein amein report.txt
    $ chmod 600 report.txt
    $ sudo chown root:root report.txt
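The permission check above, extended to a whole directory as an added example (not part of the original project): it reports every file that group or other can access and then applies the same `chmod 600` fix. `audit_perms`, `lock_down` and `demo` are hypothetical helper names, the sample files are constructed, and `stat -c` assumes a Linux (GNU or BusyBox) `stat`.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample files are constructed.
# Assumes Linux stat (GNU coreutils or BusyBox) for `stat -c '%a'`.

# Print "MODE PATH" for each regular file directly inside DIR whose
# permission bits grant any access to group or other (mode & 077 != 0).
audit_perms() {
    dir=$1
    for f in "$dir"/* "$dir"/.[!.]*; do
        # Skip unmatched globs, directories and symlinks.
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        mode=$(stat -c '%a' "$f") || continue
        # Leading 0 makes the shell read the mode as an octal constant.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            printf '%s %s\n' "$mode" "$f"
        fi
    done
}

# Restrict FILE to owner read/write and confirm the mode really changed.
lock_down() {
    chmod 600 "$1" || return 1
    [ "$(stat -c '%a' "$1")" = "600" ]
}

# Stand-alone demonstration on constructed files in a temporary directory.
demo() {
    work=$(mktemp -d) || return 1
    touch "$work/report.txt" "$work/notes.txt"
    chmod 644 "$work/report.txt"   # the -rw-r--r-- mode shown on the page
    chmod 600 "$work/notes.txt"    # already owner-only
    echo "before:"; audit_perms "$work"
    lock_down "$work/report.txt" && echo "report.txt locked to 600"
    echo "after:";  audit_perms "$work"
    rm -rf "$work"
}
demo
```

Only `report.txt` is listed before the fix, and nothing is listed after it.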
Networking utilities help identify active connections, troubleshoot communication issues, and support threat investigations.
    $ ip a
    inet 192.168.1.20/24
    $ ping google.com
    64 bytes from google.com
    $ nslookup google.com
    Address: 142.250.xxx.xxx
This project demonstrates Linux administration, security monitoring, network troubleshooting, log analysis, Bash automation, and core Cyber Threat Intelligence workflows.
Linux remains one of the most important platforms for cybersecurity operations. Through practical command-line usage, filesystem management, networking tools, logging utilities, and automation techniques, this project provides a structured foundation for CTI, SOC, and incident response activities.