Nikto – Web server scanner

Note: Nikto is included in latest Kali Linux (2020.1)

Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server.

It can be used to discover potential issues and security vulnerabilities from web servers including:

  • Server and software misconfigurations
  • Default files and programs
  • Insecure files and programs
  • Outdated servers and programs [1]

Some basic usages/Quick start

Scan the IP/Host on TCP port 80

nikto -h 10.0.0.1
 
nikto -h contoso.com

Scan the IP/Host on specified port (443 in this case)

nikto -h 10.0.0.1 -p 443
 
nikto -h https://10.0.0.1:443/

Multiple Ports

nikto -h 10.0.0.1 -p 40,443,3128

Using a proxy

# Using the proxy server specified from configuration file
nikto -h 10.0.0.1 -p 80 -useproxy
 
# Specifying proxy server on the fly
nikto -h 10.0.0.1 -useproxy http://127.0.0.1:3128/

Help

$ nikto -H
   Options:
       -ask+               Whether to ask about submitting updates
                               yes   Ask about each (default)
                               no    Don't ask, don't send
                               auto  Don't ask, just send
       -Cgidirs+           Scan these CGI dirs: "none", "all", or values like "/cgi/ /cgi-a/"
       -config+            Use this config file
       -Display+           Turn on/off display outputs:
                               1     Show redirects
                               2     Show cookies received
                               3     Show all 200/OK responses
                               4     Show URLs which require authentication
                               D     Debug output
                               E     Display all HTTP errors
                               P     Print progress to STDOUT
                               S     Scrub output of IPs and hostnames
                               V     Verbose output
       -dbcheck           Check database and other key files for syntax errors
       -evasion+          Encoding technique:
                               1     Random URI encoding (non-UTF8)
                               2     Directory self-reference (/./)
                               3     Premature URL ending
                               4     Prepend long random string
                               5     Fake parameter
                               6     TAB as request spacer
                               7     Change the case of the URL
                               8     Use Windows directory separator (\)
                               A     Use a carriage return (0x0d) as a request spacer
                               B     Use binary value 0x0b as a request spacer
        -Format+           Save file (-o) format:
                               csv   Comma-separated-value
                               json  JSON Format
                               htm   HTML Format
                               nbe   Nessus NBE format
                               sql   Generic SQL (see docs for schema)
                               txt   Plain text
                               xml   XML Format
                               (if not specified the format will be taken from the file extension passed to -output)
       -Help              Extended help information
       -host+             Target host/URL
       -404code           Ignore these HTTP codes as negative responses (always). Format is "302,301".
       -404string         Ignore this string in response body content as negative response (always). Can be a regular expression.
       -id+               Host authentication to use, format is id:pass or id:pass:realm
       -key+              Client certificate key file
       -list-plugins      List all available plugins, perform no testing
       -maxtime+          Maximum testing time per host (e.g., 1h, 60m, 3600s)
       -mutate+           Guess additional file names:
                               1     Test all files with all root directories
                               2     Guess for password file names
                               3     Enumerate user names via Apache (/~user type requests)
                               4     Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests)
                               5     Attempt to brute force sub-domain names, assume that the host name is the parent domain
                               6     Attempt to guess directory names from the supplied dictionary file
       -mutate-options    Provide information for mutates
       -nointeractive     Disables interactive features
       -nolookup          Disables DNS lookups
       -nossl             Disables the use of SSL
       -no404             Disables nikto attempting to guess a 404 page
       -Option            Over-ride an option in nikto.conf, can be issued multiple times
       -output+           Write output to this file ('.' for auto-name)
       -Pause+            Pause between tests (seconds, integer or float)
       -Plugins+          List of plugins to run (default: ALL)
       -port+             Port to use (default 80)
       -RSAcert+          Client certificate file
       -root+             Prepend root value to all requests, format is /directory
       -Save              Save positive responses to this directory ('.' for auto-name)
       -ssl               Force ssl mode on port
       -Tuning+           Scan tuning:
                               1     Interesting File / Seen in logs
                               2     Misconfiguration / Default File
                               3     Information Disclosure
                               4     Injection (XSS/Script/HTML)
                               5     Remote File Retrieval - Inside Web Root
                               6     Denial of Service
                               7     Remote File Retrieval - Server Wide
                               8     Command Execution / Remote Shell
                               9     SQL Injection
                               0     File Upload
                               a     Authentication Bypass
                               b     Software Identification
                               c     Remote Source Inclusion
                               d     WebService
                               e     Administrative Console
                               x     Reverse Tuning Options (i.e., include all except specified)
       -timeout+          Timeout for requests (default 10 seconds)
       -Userdbs           Load only user databases, not the standard databases
                               all   Disable standard dbs and load only user dbs
                               tests Disable only db_tests and load udb_tests
       -useragent         Over-rides the default useragent
       -until             Run until the specified time or duration
       -update            Update databases and plugins from CIRT.net
       -url+              Target host/URL (alias of -host)
       -useproxy          Use the proxy defined in nikto.conf, or argument http://server:port
       -Version           Print plugin and database versions
       -vhost+            Virtual host (for Host header)
                + requires a value

Resources

[1] Nikto v2.1.5 – The Manual
[2] Github


How to: Upgrade Roundcube webmail easily with terminal/command

Roundcube is an open source web/online MUA (mail user agent)

Note!: Don’t forget to change the download link and folder name for wget and Install/Update (Step 2 and 4)

#1 Switch to /tmp directory
cd /tmp
 
#2 Download the package with wget
wget https://github.com/roundcube/roundcubemail/releases/download/1.4.3/roundcubemail-1.4.3-complete.tar.gz
 
#3 Extract the package
tar xf roundcubemail-*.tar.gz
 
#4 Install/Update
./roundcubemail-1.4.3/bin/installto.sh /destinationFolder/roundcube

Extended Reading

MUA (mail user agent) Is used for users to read, compose, and send email. Examples of MUAs are Roundcube, SquirrelMail, pine, Microsoft Outlook etc.

MTA (mail transfer agent) Is used for the transport, delivery, and forwarding of email. Examples of MTAs like SMTP servers are POSTFIX, sendmail etc.


How to: Add DSCP, QoS, 802.1Q VLAN ID to Wireshark columns

Sometimes we want to see DSCP, QoS, 802.1Q VLAN ID information while diagnosing the network.

Here is how to add those to columns for easier inspecting

1 Launch Wireshark, select an NIC to work with

2 Right click on the column (Near top, under the toolbar)

Wireshark - column
Wireshark – column

3 Then click on “Column Preferences…”

Wireshark - Column Preferences...
Wireshark – Column Preferences…

4 Navigate to “Appearance -> Columns”

Wireshark - Preferences
Wireshark – Preferences

5 Click on the “+” button

6 Add the necessary rows from below table (Title can be different)

TitleTypeFieldsField Occurrence
DSCPCustomip.dsfield.dscp0
DSCP ValueIP DSCP Value
QoSCustomqos0
802.1Q802.1Q VLAN id
Wireshark - Preferences - Add column
Wireshark – Preferences – Add column

7 When finished, click on “OK” button

8 Now we can see those added columns

Wireshark with added columns
Wireshark with added columns

How to: Find Largest file on Windows, Windows 7, Windows 10, Microsoft Windows, Windows Server (Disk Space Usage)

For finding largest file/folder or showing disk space usage on Linux, refer to this one: (Linux Command Line/ Terminal Disk Space Usage tool (Find largest folder/file))

Sometimes, we want to find largest files or folders from our computer, especially when we are running out of space on hard drive. Because spending time to find different small useless files and then delete them can be very time consuming and after all it’s possible that we have only deleted couple MB of files which won’t help much. Remove one or two huge files or folders may help a lot.

Here is a list of software which can be used just for this purpose and for free, even better, some are open source.

WinDirStat

WinDirStat
WinDirStat
  • Easy to use
  • Free, Open Source
  • Can be installed
  • Portable version available (via portableapps)

SpaceSniffer

SpaceSniffer
SpaceSniffer
  • Easy to use
  • Free
  • Portable version available

WizTree

WizTree
WizTree
  • Easy to use
  • Free
  • Can be installed
  • Portable version available

Summary

Out of three, WinDirStat is the only open source one, Space Sniffer and WinTree are both freeware only.

WinDirStat does not provide official portable version, but portable version can be downloaded from portableapps. Both SpaceSniffer and WizTree provide official portable version.

All of them are very easy to use, the user interface of WinDirStat and WizTree are very similar, you click on the tile or block to reveal the file name, while SpaceSniffer displays the file and folder name directly on the tile/block.

Bottom line, choose whichever you like to use or give all of them a try and decide which one to go with, or even keep all of them in your bag, backup plan will not hurt ๐Ÿ˜‰

Download/Resource

  1. WinDirStat
  2. SpaceSniffer
  3. WinTree

Make the touchpad better on Windows

Note: Make sure you have a backup mouse ready before you start following steps

Windows 10 – Precision Touchpads settings

1 Use Win + I key to Open the Settings App

2 Navigate to “Devices -> Touchpad” or just use following link

Click here to bring up touchpad settings page directly (ms-settings:devices-touchpad)

Windows 10 Settings - Touchpad
Windows 10 Settings – Touchpad

Then you can start to customize different gestures

Windows - Settings - Other gestures
Windows – Settings – Other gestures
Windows - Advanced gesture configuration
Windows – Advanced gesture configuration

Precision Touchpad Driver (If Windows 10 Precision Touchpad settings is not showing up)

If you did not see those options in touchpad settings page, try to install the driver, see if the option appears after that.

First we need to find out if our touchpad is mad by Synaptics or ELAN.

1 Launch the Run window via Win + R key combination

Microsoft Windows - Run window
Microsoft Windows – Run window

2 Enter “devmgmt.msc”

3 Now the Device Manager is opened

4 Look for “Mice and other pointing devices”

Device Manager
Device Manager

5 Expand it, see if we have Synaptics or ELAN

6 If it’s Synaptics open this link: https://www.catalog.update.microsoft.com/Search.aspx?q=synaptics

ELAN open this link: https://www.catalog.update.microsoft.com/Search.aspx?q=ELAN%20wdf

7 Download latest version of the driver from the website

8 When downloaded, open the file, extract it, find the “dpinst.exe”

9 Double click on it to install it

10 Restart the device once the installation is done

11 Follow step 1 to 4 again find the touchpad device, right click on it then click on “Update driver”, reboot maybe required after updating

12 Now you should be able to see the Windows 10 Precision Touchpad options.

Third-party software solution

If the above steps still not working, we can try to install a software which will dramatically improve our touchpad experience as well and it’s free!

The software is named “GestureSign”, even better, we can download it from Microsoft store for free

Microsoft Store- GestureSign
Microsoft Store- GestureSign

Description from Microsoft Store

GestureSign is a gesture recognition software for Windows tablet, Precision Touchpad and mouse. You can automate repetitive tasks by simply drawing a gesture with your fingers or mouse.

GestureSign supports the following commands:

  • Activate Window
  • Window Control
  • Touch Keyboard Control
  • Keyboard simulation
  • Key Down/Up
  • Mouse Simulation
  • Send Keystrokes
  • Open Default Browser
  • Screen Brightness
  • Volume Adjustment
  • Run Command Prompt Commands
  • Open File or Website
  • Launch Windows Store App
  • Send Message
  • Toggle Window Topmost
GestureSign - Action
GestureSign – Action
GestureSign - Gesture
GestureSign – Gesture
GestureSign - Options
GestureSign – Options
GestureSign - Ignored
GestureSign – Ignored

Click here to Download

Open source and Free Alternative to Postman -> Postwoman

Postwoma - postwoman.io
Postwoma – postwoman.io

Postwoman is an open source alternative to Postman. (Usually used for API request building)

Using Postwoman is basically same as using Postman, there should be no learning curve at all if you switch from Postman to Postwoman.

Description from official GitHub page

Features โœจ

โค๏ธ Lightweight: Crafted with minimalistic UI design – simple design is the best design.

โšก๏ธ Fast: Send requests and get/copy responses in real-time – fast software is the best software.

Methods:

  • GET – Retrieve information about the REST API resource
  • HEAD – Retrieve response headers identical to those of a GET request, but without the response body.
  • POST – Create a REST API resource
  • PUT – Update a REST API resource
  • DELETE – Delete a REST API resource or related component
  • CONNECT – Establishes a tunnel to the server identified by the target resource
  • OPTIONS – Describe the communication options for the target resource
  • TRACE – Performs a message loop-back test along the path to the target resource
  • PATCH – Apply partial modifications to a REST API resource
  • <custom> – Some APIs use custom request methods such as LIST. Type in your custom methods.

๐ŸŒˆ Make it yours: Customizable combinations for background, foreground and accent colors: because customization is freedom. Customize now โœจ.

Customizations:

  • Choose theme: Kinda Dark (default), Clearly White, Just Black and System theme
  • Choose accent color: Green (default), Yellow, Pink, Red, Purple, Orange, Cyan and Blue
  • Toggle multi-colored headings

Customized themes are synced with local session storage

๐Ÿ”ฅ PWA: Install as a PWA on your device.

Features:

๐Ÿš€ Request: Retrieve response from endpoint instantly.

  • Choose method
  • Enter URL and Path
  • Send

Features:

  • Copy/share public “Share URL”
  • Generate request code for JavaScript XHRFetch and cURL
  • Copy generated request code to clipboard
  • Import cURL
  • Label requests

๐Ÿ”Œ WebSocket: Establish full-duplex communication channels over a single TCP connection.

  • Send and receive data
  • Basic and Bearer Token authentication

๐Ÿ“ก Server Sent Events: Receive a stream of updates from a server over a HTTP connection without resorting to polling.

๐Ÿ”ฎ GraphQL: GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data.

  • Set endpoint and get schemas
  • Multi-column docs
  • Set custom request headers
  • Query schema
  • Get query response

๐Ÿ” Authentication: Allows to identify the end user.

Types:

  • None
  • Basic
  • Bearer Token
  • OAuth 2.0
  • OIDC Access Token/PKCE (Proof Key for Code Exchange)

๐Ÿ“ข Headers: Describes the format the body of your request is being sent as.

  • Add or remove Header list

๐Ÿ“ซ Parameters: Use request parameters to set varying parts in simulated requests.

๐Ÿ“ƒ Request Body: Used to send and receive data via the REST API.

Options:

  • Set Content Type
  • Add or remove Parameter list
  • Toggle between key-value and RAW input Parameter list

๐Ÿ‘‹ Responses: Contains the status line, headers and the message/response body.

  • Copy response to clipboard
  • Download response to as a file
  • View preview of HTML responses

โฐ History: Request entries are synced with local session storage to reuse with a single click.

Fields:

  • Star
  • Label
  • Method
  • Status code
  • URL
  • Path
  • Timestamp
  • Duration
  • Pre-request script

History entries can be sorted by any fields

Histories can be deleted one-by-one or all together

๐Ÿ“ Collections: Keep your API requests organized with collections and folders. Reuse them with a single click.

Options:

  • Create infinite collections, folders and requests
  • Edit, delete, move, export, import and replace

Collections are synced with local session storage

๐ŸŒ Proxy: Enable Proxy Mode from Settings to access blocked APIs.

Features:

  • Hide your IP address
  • Fixes CORS (Cross Origin Resource Sharing) issues
  • Access APIs served in non-HTTPS (http://)
  • Use custom Proxy URL

Official Postwoman Proxy is hosted by ApolloTV – Privacy policy

๐Ÿ“œ Pre-Request Scripts ฮฒ: Snippets of code associated with a request that are executed before the request is sent.

Use-cases:

  • Include timestamp in the request headers
  • Send a random alphanumeric string in the URL parameters

Requests with Pre-Request Scripts are indicated in History entries

๐Ÿ“„ API Documentation: Create and share dynamic API documentation easily, quickly.

Usage:

  1. Add your requests to Collections and Folders
  2. Export Collections and easily share your APIs with the rest of your team
  3. Import Collections and Generate Documentation on-the-go

โŒจ๏ธ Keyboard Shortcuts: Optimized for efficiency.

Shortcuts:

  • Send Request Ctrl + G
  • Save to Collections Ctrl + S
  • Copy Request Link Ctrl + K
  • Reset Request Ctrl + L

๐ŸŒŽ i18n ฮฒ: Experience the app in your own language.

  1. Scroll down to the footer
  2. Click “Choose Language” icon button
  3. Select your language from the menu

Keep in mind: Translations aren’t available for all source and target language combinations

To provide a localized experience for users around the world, you can add you own translations.

All i18n contributions are welcome to i18n branch only!

๐Ÿ“ฆ Add-ons: Official add-ons for Postwoman.

  • Proxy ฮฒ – A simple proxy server created for Postwoman
  • CLI ฮฒ – A CLI solution for Postwoman
  • Browser Extensions – Browser extensions that simplifies access to Postwoman Firefox (GitHub)  |   Chrome (GitHub)Extensions fixes CORS issues.

Add-ons are developed and maintained under Official Postwoman Organization.

โ˜๏ธ Auth + Sync: Sign in and sync in real-time.

Sign in with:

  • Google
  • GitHub

Sync:

  • History
  • Collections

โœ… Post-Request Tests ฮฒ: Write tests associated with a request that are executed after the request response.

Use-cases:

  • Check the status code as an integer
  • Filter response headers
  • Parse the response data

To find out more, please check out Postwoman Wiki.

Resources

Postwoman Demo
Official GitHub page


How to: Solve math equation/Algebra step by step? Mobile App and Windows Software

Are you an student? Trying to resolve an math equation? Don’t know how to resolve it even the final answer is in front of you? Read on! ๐Ÿ˜‰

Microsoft created two free Math tools which can help you to get the answer, even better, it can show you step by step resolution, so that you understand and learn how to get the final answer rather than copy the final answer.

Microsoft Math Solver

With this mobile app, we can input math equation by three ways:

  • Scan from writing (Take photo from exercise book etc.)
  • Handwriting directly within the App
  • Enter the equation by using builtin math keyboard

It will then return final results with steps which you can expand and learn.

Microsoft Math Solver
Microsoft Math Solver
Microsoft Math Solver - Snap and Solve
Microsoft Math Solver – Snap and Solve
Microsoft Math Solver - Draw and Practice
Microsoft Math Solver – Draw and Practice
Microsoft Math Solver - Explore and Learn
Microsoft Math Solver – Explore and Learn
Microsoft Math Solver - Steps
Microsoft Math Solver – Steps
Microsoft Math Solver - Steps
Microsoft Math Solver – Steps
Microsoft Math Solver - Graph
Microsoft Math Solver – Graph
Microsoft Math Solver - Handwriting
Microsoft Math Solver – Handwriting
Microsoft Math Solver - Built-in math keyboard
Microsoft Math Solver – Built-in math keyboard
Microsoft Math Solver - Built-in math keyboard
Microsoft Math Solver – Built-in math keyboard
Microsoft Math Solver - Resolve
Microsoft Math Solver – Resolve
Microsoft Math Solver - Scan
Microsoft Math Solver – Scan
Microsoft Math Solver - Resolve
Microsoft Math Solver – Resolve
Microsoft Math Solver - Resolve
Microsoft Math Solver – Resolve
Microsoft Math Solver - Resolve
Microsoft Math Solver – Resolve
Microsoft Math Solver - Final Answer
Microsoft Math Solver – Final Answer

Microsoft Mathematics

This free software can be used on Microsoft Windows to resolve math equations.

Microsoft Mathematics
Microsoft Mathematics
Microsoft Mathematics - Main Window
Microsoft Mathematics – Main Window
Microsoft Mathematics - Resolve linear equation in two variable
Microsoft Mathematics – Resolve linear equation in two variable
Microsoft Mathematics - Resolve linear equation in two variable, Steps
Microsoft Mathematics – Resolve linear equation in two variable, Steps
Microsoft Mathematics - Resolve linear equation in two variable, Steps
Microsoft Mathematics – Resolve linear equation in two variable, Steps

Keywords: Solve math equation, solve linear equation, solve linear equation in two variable, solve math problems, software, application, app, computer program, free, Algebra


How to: Find which process is causing high CPU usage Linux/Ubutu/Debian/Kali Linux/CentOS/RHEL

“top” command

top shows CPU usage in real time.

By default, it lists process by their CPU usage, refreshes every 5 seconds.

We can use following command to show top 10 processes with highest CPU usage.

top -b | head -10
[email protected]:~# top -b | head -10
top - 02:05:40 up 20:24,  1 user,  load average: 0.00, 0.00, 0.00
Tasks: 165 total,   1 running, 164 sleeping,   0 stopped,   0 zombie
%Cpu(s):  3.1 us,  3.1 sy,  0.0 ni, 93.8 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :   3913.3 total,   2066.4 free,    617.4 used,   1229.6 buff/cache
MiB Swap:   4094.0 total,   3850.2 free,    243.8 used.   3042.1 avail Mem 
    PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND
  61649 root      20   0    9144   3560   3164 R   6.7   0.1   0:00.01 top
      1 root      20   0  166420   5908   3936 S   0.0   0.1   0:04.54 systemd
      2 root      20   0       0      0      0 S   0.0   0.0   0:00.03 kthreadd
  • -b : Batch mode.
  • head -10: Display first 10 lines in the output.
  • PID : Unique ID of the process.
  • USER : Owner of the process.
  • PR : priority of the process.
  • NI : The NICE value of the process.
  • VIRT : How much virtual memory used by the process.
  • RES : How much physical memory used by the process.
  • SHR : How much shared memory used by the process.
  • S : This indicates the status of the process: S=sleep R=running Z=zombie.
  • %CPU : The percentage of CPU used by the process.
  • %MEM : The percentage of RAM used by the process.
  • TIME+ : How long the process being running.
  • COMMAND : Name of the process.

“ps” command

“ps” stands for “processes status”, it display the information about the active/running processes on the system.

We can use following command to find out high CPU usage processes.

ps -eo pid,ppid,%mem,%cpu,cmd --sort=-%cpu | head
[email protected]:~# ps -eo pid,ppid,%mem,%cpu,cmd --sort=-%cpu | head
    PID    PPID %MEM %CPU CMD
     78       2  0.0  0.4 [kswapd0]
    639     576  4.1  0.4 /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch
    262       2  0.0  0.2 [kworker/1:1H-kblockd]
    267       2  0.0  0.1 [kworker/0:1H-kblockd]
    889     823  0.8  0.1 xfwm4 --display :0.0 --sm-client-id 24f144caf-a490-40f0-afc0-fd75665210e1
      1       0  0.1  0.0 /sbin/init splash
      2       0  0.0  0.0 [kthreadd]
      3       2  0.0  0.0 [rcu_gp]
      4       2  0.0  0.0 [rcu_par_gp]

To see the command name instead of full path.

ps -eo pid,ppid,%mem,%cpu,comm --sort=-%cpu | head
[email protected]:~# ps -eo pid,ppid,%mem,%cpu,comm --sort=-%cpu | head
    PID    PPID %MEM %CPU COMMAND
     78       2  0.0  0.4 kswapd0
    639     576  4.1  0.4 Xorg
    262       2  0.0  0.2 kworker/1:1H-kblockd
    267       2  0.0  0.1 kworker/0:1H-kblockd
    889     823  0.8  0.1 xfwm4
      1       0  0.1  0.0 systemd
      2       0  0.0  0.0 kthreadd
      3       2  0.0  0.0 rcu_gp
      4       2  0.0  0.0 rcu_par_gp
  • -e : Select all processes.
  • -o : To customize a output format.
  • โ€“sort=-%cpu : Sort the ouput based on CPU usage.
  • head : To display first 10 lines of the output
  • PID : Unique ID of the process.
  • PPID : Unique ID of the parent process.
  • %MEM : The percentage of RAM used by the process.
  • %CPU : The percentage of CPU used by the process.
  • Command : Name of the process.

htop

htop is a command line utility that allows you to interactively monitor your systemโ€™s vital resources or serverโ€™s processes in real time

You might need to install htop first

#Debian/Ubuntu/Kali Linux etc.
sudo apt install htop
 
#CentOS/RHEL etc.
sudo yum install htop

To launch htop (Use “q” key to exit)

htop
htop
htop

We can easily sort the processes by their Priority, Nice, Virtual memory usage, Memory, CPU and running time etc. Simply by clicking on the column header.

glances

glances is another utility which can be easily installed and used system resource monitoring tool.

Install

#Debian/Ubuntu/Kali Linux etc.
sudo apt install glances
 
#CentOS/RHEL etc.
sudo yum install glances 

Launch (Use “q” key to exit)

glances

How to: compare Files/Code/Folders/Images/Pictures – List of three Open source Comparing Software/Tools

WinMerge

WinMerge
WinMerge
  • Windows
  • Open source/Free
  • Compare text files/source code files/folders/images
  • Easy to use

WinMerge

Notepad ++

Notepad++ with Compare plugin
Notepad++ with Compare plugin
  • Windows
  • Open source/Free
  • Compare text files/source code files
  • Easy to use

Notepad++

By default Notepad++ doesn’t have compare function.

We can make it possible by easily installing a compare plugin after Notepad++ is installed.

“Plugins -> Plugins Admin…-> Search for “Compare -> Check “Compare” -> Click “Install” button. -> Click on Yes when the pop-up window appears” After it’s done, Notepad++ will restart itself.

Notepad++ -> Plugins Admin
Notepad++ -> Plugins Admin
Notepad++ Install Compare plugin
Notepad++ Install Compare plugin
Click on Yes
Click on Yes
Wait until it's downloaded and installed
Wait until it’s downloaded and installed

Now we can see the Compare plugin is installed. “Plugins -> Compare”

Compare plugin installed
Compare plugin installed

Diffuse

Diffuse
Diffuse
  • Windows/Linux
  • Open source/Free
  • Compare text files/source code files
  • Easy to use

Diffuse

DiffImg

DiffImg
DiffImg
  • Windows/Linux
  • Open source/Free
  • Compare Image files
  • Easy to use

DiffImg

There are many free online text/source code compare and image compare tools as well which doesn’t require any installation, can be handy when it needs to be done quickly, not suitable for huge files or images or any confidential content.