favorite CLI tool for penetration testing - FZF

January 9, 2025

In this video, I’ll cover:

✅ What is fzf and why it’s a game-changer for ethical hackers

✅ How to install and integrate fzf in Kali Linux

✅ Practical use cases:

  • Searching through wordlists
  • Finding commands in history
  • Killing processes and navigating directories
  • Previewing file contents with color

✅ Tips and tricks to maximize your productivity

Commands used in the video:

sudo apt update && sudo apt upgrade 

Install fzf:

sudo apt install fzf

Preview files:

fzf --preview="batcat --color=always {}"

Search command history:

history | fzf

Open files in Nano:

nano "$(fzf --preview="batcat --color=always {}")"

If you’re ready to take your Linux skills to the next level and supercharge your pentesting workflow, this video is for you!

My fzf configuration in my .zshrc file for Kali Linux:

.zshrc
# Set up fzf key bindings and fuzzy completion
source <(fzf --zsh)
 
export FZF_DEFAULT_COMMAND="fd --hidden --strip-cwd-prefix --exclude .git"
export FZF_CTRL_T_COMMAND="$FZF_DEFAULT_COMMAND"
# alt+c is directory tree with preview in eza
export FZF_ALT_C_COMMAND="fd --type=d --hidden --strip-cwd-prefix"
 
export FZF_DEFAULT_OPTS="--height 70% --layout=reverse --border --color=hl:#2dd4bf"
 
# fzf default for tmux, change window size to preference
export FZF_TMUX_OPTS=" -p100%,100% "
 
# preview only, without opening nano
#export FZF_CTRL_T_OPTS="--preview 'batcat --color=always -n --line-range :500 {}'"
 
# open with nano, or your editor of choice
export FZF_CTRL_T_OPTS="--preview 'batcat --color=always -n --line-range :500 {}' --bind 'enter:execute(nano {})'"
export FZF_ALT_C_OPTS="--preview 'eza --tree --color=always {} | head -200'"

fd is a program to find entries in your filesystem. It is a simple, fast and user-friendly alternative to find.

eza is a modern alternative for the venerable file-listing command-line program ls.

batcat (bat): you can use bat as a previewer for fzf.


Shoutout to @Link1995Kid from YouTube!

@chrisalupului this preview command allows us to adapt the preview based on the selected file or folder:

.zshrc
fzf --preview '([[ -r {} && ! -d {} ]] && (file --mime-type -b {} | grep -qE '\''^(text|application/(x-shellscript|json|xml|javascript))'\'' && batcat --color=always --terminal-width $(tput cols) -n --line-range :500 {} || file {} | cut -d: -f2) || ([[ -d {} ]] && eza --tree --color=always {} | head -200 || file {} | cut -d: -f2))'  

It uses batcat to display readable files, eza to display directories, and file otherwise.
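
The file-or-folder preview logic from the comment above, written out as a sourceable shell function. This is an added example, not code from the original post or the commenter; the names `fzf_preview` and `PREVIEW_MAX_LINES` and the path `~/.fzf-preview.sh` are assumptions. It goes slightly beyond the one-liner by falling back to `ls` and `head` when eza or batcat is missing, and by handling file names that start with a dash.

```shell
#!/bin/sh
# Added example (not from the original page): file-type-aware preview for fzf.
# fzf_preview and PREVIEW_MAX_LINES are hypothetical names chosen here.
# Wire-up, assuming this file is saved as ~/.fzf-preview.sh:
#   fzf --preview '. ~/.fzf-preview.sh; fzf_preview {}'

# Print the first installed command from the argument list.
first_available() {
    for cmd in "$@"; do
        command -v "$cmd" >/dev/null 2>&1 && { printf '%s\n' "$cmd"; return 0; }
    done
    return 1
}

# Runs in a subshell ( ... ) so its variables do not leak into the caller.
# The variable is not called "path" because zsh ties that name to PATH.
fzf_preview() (
    target=$1
    max=${PREVIEW_MAX_LINES:-500}
    # Prefix relative names with ./ so a file called "-n" is not read as an option.
    case $target in
        /* | ./*) ;;
        *) target=./$target ;;
    esac

    if [ -d "$target" ]; then
        if command -v eza >/dev/null 2>&1; then
            eza --tree --color=always "$target" | head -n 200
        else
            ls -A "$target" | head -n 200
        fi
    elif [ ! -r "$target" ]; then
        printf 'not readable: %s\n' "$target"
    elif [ ! -s "$target" ]; then
        printf 'empty file\n'
    elif LC_ALL=C grep -Iq '' "$target"; then
        # Text: -I makes grep report "no match" for files containing NUL bytes.
        if viewer=$(first_available batcat bat); then
            "$viewer" --color=always -n --line-range ":$max" "$target"
        else
            head -n "$max" "$target"
        fi
    elif command -v file >/dev/null 2>&1; then
        # Binary: describe it instead of writing raw bytes to the terminal.
        file -b "$target"
    else
        printf 'binary data, %s bytes\n' "$(wc -c <"$target")"
    fi
)
```

Set `PREVIEW_MAX_LINES` lower when browsing very large wordlists so the preview pane stays responsive.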