commandlinefu.com is the place to record those command-line gems that you return to again and again.
Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.
If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/
You can sign-in using OpenID credentials, or register a traditional username and password.
First-time OpenID users will be automatically assigned a username which can be changed after signing in.
Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.
Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):
Subscribe to the feed for:
Count your source and header file's line numbers. This ignores blank lines, C++ style comments, single line C style comments.
This will not ignore blank lines with tabs or multiline C style comments.
This is a slightly modified version of http://www.commandlinefu.com/commands/view/4283/recursive-search-and-replace-old-with-new-string-inside-files (which did not work due to incorrect syntax) with the added option to sed inside only files named filename.ext
git gc should be run on all git repositories every 100 commits. This will help do do so if you have many git repositories ;-)
libpurple likes to hardlink files repeatedly. To ignore libpurple, use sed: | sed '/\.\/\.purple/d'
find ip address in all files in /etc directory. can be used to find any string in any directory really
list all files are greater than 10mb
Find all .gz files and recompress them to bz2 on the fly. No temp files.
edit: forgot the double quotes! jeez!
This solution is similar to  except that it does not have any dependency on GNU Parallel. Also, it tries to minimize the impact on the running system (using ionice and nice).
The number on the far right is ratio of comments to code, expressed as a percentage. For the rest of the Yardstick documentation see https://github.com/calmh/yardstick/blob/master/README.md#reported-metrics
I have found that base64 encoded webshells and the like contain lots of data but hardly any newlines due to the formatting of their payloads. Checking the "width" will not catch everything, but then again, this is a fuzzy problem that relies on broad generalizations and heuristics that are never going to be perfect.
What I have done is set an arbitrary threshold (200 for example) and compare the values that are produced by this script, only displaying those above the threshold. One webshell I tested this on scored 5000+ so I know it works for at least one piece of malware.
passthru, shell_exec, system, phpinfo, base64_decode, chmod, mkdir, fopen, fclose, readfile
Since some of the strings may occur in normal text or legitimately you will need to adjust the command or the entire regex to suit your needs.
Uses find, plutil and xpath.
Note: Some applications don't have proper information. system_profiler might be better to use.
It's a bit slow query.
Due to command length limit, I removed -name "*.app" and CFBundleName.
xargs is a more elegant approach to executing a command on find results then -exec as -exec is meant as a filtering flag.
Finds files modified today since 00:00, removes ugly dotslash characters in front of every filename, and sorts them.
*EDITED* with the advices coming from flatcap (thanks!)
This command is more robust because it handles spaces, newlines and control characters in filenames. It uses printf, not ls, to determine file size.
Find top 5 big files
Get the longest match of file extension (Ex. For 'foo.tar.gz', you get '.tar.gz' instead of '.gz')