You dont have javascript enabled! Please enable it!

Day 7 OSCP | Text Searching and Manipulation

Reading Time: ( Word Count: )

December 26, 2020


Hi fellow hackers, although we haven’t done much than just covering commands, it’s a necessary step before jumping into hacking. I used to try “hacking” with Youtube tutorials initially, but when you get to the point that something doesn’t work and can’t resolve it immediately, it gets frustrating. So to become real hackers and no script kiddies, we need to know how to troubleshoot and use certain tools to make our lives easier in the long run. And rely less on forums, tips and tricks from others.

Today we’ll cover four commands: grep, sed, cut and awk. These are commands we’ll use pretty often when dealing with text files and make them look a certain way before passing them into other tools or commands. Or for making large logs human-readable and searching in them.



Let us start with the most popular one, grep. Grep stands for Global Regular Expression Print.

Grep searches for patterns in text files, more specifically for regular expressions and outputs or prints any line containing a match to the standard output.

  ┌──(kali㉿kali)-[~]      └─$ grep kali /etc/passwd kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh
  ┌──(kali㉿kali)-[~]      └─$ grep Kali /etc/passwd kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh
  ┌──(kali㉿kali)-[~]      └─$ grep -i kali /etc/passwd kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh


Above we searched for the word “kali” in the “passwd” file. Grep by default is case sensitive, so it only found two results and printed the line containing them. Using the “-i” option, it found three results, containing “Kali” with a capital letter.

Another useful example will be for searching in all files in the current directory. Herefore we’ll use an asterisk (*) after the search pattern.

We can also search recursively, i.e. read all files under each directory for a string “kali” with the “-r” option.

And the last example is for printing the exact search string, using the “-x” option.

  ┌──(kali㉿kali)-[~]      └─$ grep -i kali * example1.txt:kali is my favorite operating system example2.txt:Most widely used system for pentesting is Kali example3.txt:I love kali
  ┌──(kali㉿kali)-[~]      └─$ grep -r kali etc/ etc/theHarvester/names_small.txt:kalinovsky-k etc/theHarvester/names_small.txt:kalithies etc/theHarvester/names_small.txt:sayasukalirik etc/theHarvester/names_small.txt:chakali etc/theHarvester/names_small.txt:kalintv6 ...
  ┌──(kali㉿kali)-[~]      └─$ grep -r -x kali etc/ etc/theHarvester/dns-big.txt:kali etc/hostname:kali




Sed stands for stream editor, and it can perform functions like searching, find and replace, insertion or deletion in text files. Most commonly used to find and replace.

By default, the sed command replaces the first occurrence of the pattern in each line, and it won’t replace the second, third…occurrence in the line, as seen below.

By adding the “g” option standing for global, we replace all occurrences. In case you only want to replace the first, second, or third occurrence of the pattern, use 1, 2 or 3 instead.

Sed is a powerful command, so there’s a lot more we can do as it is the case with grep. We’ll explore them more later on in action.

  ┌──(kali㉿kali)-[~]      └─$ cat kali.txt ubuntu is a very powerful OS for pentesters, ubuntu is life, ubuntu is all.
  ┌──(kali㉿kali)-[~]      └─$ cat kali.txt | sed 's/ubuntu/kali/' kali is a very powerful OS for pentesters, ubuntu is life, ubuntu is all.
  ┌──(kali㉿kali)-[~]      └─$ cat kali.txt | sed 's/ubuntu/kali/g' kali is a very powerful OS for pentesters, kali is life, kali is all.




The cut command is used to cut a section of text from a line and output it to the standard output. Cut can be used to cut parts of a line by byte position, character and field. 

The most commonly-used switches include “-f” for the field number we are cutting and “-d” for the field delimiter.

  ┌──(kali㉿kali)-[~]      └─$ cat kali2.txt I've heard hackers have hobbies, such as lock picking, HackNet, OverTheWire, etc.
  ┌──(kali㉿kali)-[~]      └─$ cat kali2.txt | cut -d "," -f1 I've heard hackers have hobbies
  ┌──(kali㉿kali)-[~]      └─$ cat kali2.txt | cut -d "," -f3 HackNet


The cat command’s output is passed to cut, which prints the specified field using “, as the delimiter.


Awk” is a scripting language designed for advanced text processing on the command line, mostly used as a reporting and analysis tool. We can say that “awk” is the advanced version of the “cut” command.

By default, the field delimiter is a space character. Unlike with “cut”, we can define more than a single character as a field separator. Let’s do a few examples.

  ┌──(kali㉿kali)-[~]      └─$ date | awk '{print $3,$2,$4}' Dec 26 2020
  ┌──(kali㉿kali)-[~]      └─$ echo "How::are::you?" | -F "::" '{print $1,$2,$3}' How are you?
  ┌──(kali㉿kali)-[~]      └─$ echo "How=:=:are=:=:you?" | -F "=:=:" '{print $1,$2,$3}' How are you?
author bio

Author bio

Hi there, my name is Aydan, and I share exciting information about cyber security and ethical hacking, a.k.a pen-testing.

Other interesting articles

How to Secure a Youtube Channel?

How to Secure a Youtube Channel?

Youtube is an excellent platform for promoting your brand. People set up different channels with YouTube ...
How Secure is Snapchat?

How Secure is Snapchat?

It's necessary to recognise Snapchat's influence in the social media world. It's a service that has been around ...
Pig Butchering Scam; What is it and How to Avoid it?

Pig Butchering Scam; What is it and How to Avoid it?

Cybercriminals have no limitations, and this even includes stealing your cryptocurrency. The hackers use a variety ...
What is a Common Indicator of a Phishing Attempt?

What is a Common Indicator of a Phishing Attempt?

In the current state of cyberwar, everyone is a target. Trusting IT and security professionals to detect all ...

Submit a Comment

Your email address will not be published. Required fields are marked *

error: Alert: Content is protected !!